Security Boulevard

GitHub Actions Supply Chain Attack: Trivy Breach & Workflow

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...

Claude Mythos Isn’t Just A PR Stunt, It’s The New Face Of Offensive AI

Claude Mythos represents a new generation of AI models that can conduct autonomous attacks more effectively than ever before.
SecurityWeek

Exploited Vulnerability Exposes Nginx Servers to Hacking

Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool.
SecurityWeek

‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

A ‘by design’ flaw in Anthropic’s Model Context Protocol (MCP) could allow silent command execution and full system ...

Tips to protect your home internet network after a Russian router hack

Following a large-scale Russian hacking operation targeting routers, and new FCC guidance, what can you do to make sure your home internet connection is safe?