The Hacker News

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.
Security Boulevard

CVE-2026-42945: Imperva Customers Protected Against Critical NGINX Rewrite Module Vulnerability

TL;DR: Researchers recently disclosed CVE-2026-42945, a critical heap-based buffer overflow vulnerability affecting both NGINX Open Source and NGINX Plus. The flaw exists within the ...

Inside Gemini Spark: Code Reveals The Skill System And Task Scheduler Powering Google's AI Agent

What's next for the Gemini Agent? Hidden Android 17 code reveals new autonomous skills and task scheduling. But does your ...

Gangster Hunts 'Unknown Gunmen': Pakistan-Based Terror Operative Shahzad Bhatti Hunts For Elite Indian Hitmen

Security agencies are closely monitoring Pakistan-based terror operative Shahzad Bhatti after intelligence inputs suggested ...
Morning Overview on MSN

An 18-year-old heap buffer overflow in NGINX gives attackers remote code execution — billions of devices run the affected module

A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...

‘Enemy within’ strategy: NIA reveals Pakistan’s plan to push Ghazwa-e-Hind through ‘doctor-terror’ module

NIA's chargesheet reveals Ansar Ghazwat-ul-Hind (AGuH) has evolved from a forest-based group to an urban threat, orchestrated ...

Trinasolar and Solar Juice Sign 1GW Supply Agreement for Australian Rooftop Solar Market

Trinasolar, a global leader in smart PV and energy storage solutions, has signed a Memorandum of Understanding (MoU) with ...

The US-China trade war is entering a worrying new phase: a legal arms race

The US and China are racing to roll out competing sanctions, rules and regulations, leaving firms trapped in a legal Catch-22 ...

Zero-day exploit completely defeats default Windows 11 BitLocker protections

A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker ...

Enphase Energy Just Opened New U.S. Preorders. ENPH Stock Is Soaring.

Enphase stock is in focus as the company opens IQ9S Commercial Microinverters pre-orders in the U.S. Here’s why the ...
CSOonline

AI agent finds 18-year-old remote code execution flaw in Nginx

An LLM-powered system found 4 security bugs, including a critical one in the web server’s URL rewrite module. Researchers have found a critical vulnerability in the widely used Nginx web server that ...