Microsoft’s Patch Tuesday release for April is a whopper

Nearly every major product family needs immediate patching, from Windows to Office to Microsoft Edge, SQL Server, and even ...
CSO Online

Critical nginx UI tool vulnerability opens web servers to full compromise

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
Cybernews

Faster Websites with Dedicated or Cloud Hosting

Choosing the right hosting can speed up your website. Dedicated and cloud hosting give you more control over server resources ...

Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days

Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.
Dark Reading

Adobe Patches Actively Exploited Zero-Day That Lingered for Months

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...
SecurityWeek

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE

Multiple vulnerabilities in the Orthanc DICOM server could be exploited to cause crashes, leak information, or execute ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution ...

New Progress ShareFile flaws can be chained in pre-auth RCE attacks

Two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable ...
PC Tech Magazine

Everything You Need to Know About Comodo Certificates

When a visitor lands on your website, they look for immediate signs of safety. That little padlock icon next to your web address tells them their data remains private. If your site lacks this security ...
XDA Developers on MSN

Your Proxmox 8 server stops getting security updates in August, and upgrading to PVE 9 isn't straightforward

Whatever you do, remember to back up your virtual guests ...
Wired

Security News This Week: A Hacker Accidentally Broke Into the FBI’s Epstein Files

Plus: A porn-quitting app exposed the masturbation habits of hundreds of thousands of users, Russian hackers are trying to take over people’s Signal accounts, and more. Of course, the international ...