CSO Online1h
Critical RCE flaws put Kubernetes clusters at risk of takeover
The vulnerabilities dubbed IngressNightmare can allow unauthenticated users to inject malicious NGINX configurations and ...
InfoWorld6h
Warning for developers, web admins: update Next.js to prevent exploit
Vercel recommends that, if patching to a safe version is not feasible, admins should prevent external user requests which ...
Days after the Signal leak, the Pentagon warned the app was the target of hackers
A Pentagon-wide advisory that went out one week ago warned against using Signal, the messaging app, even for unclassified ...
SecurityWeek10h
Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots
DrayTek routers around the world are rebooting and the vendor’s statement suggests that it may involve the exploitation of a ...
SecurityWeek11h
IngressNightmare Flaws Expose Kubernetes Clusters to Remote Hacking
Critical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes.
The Hacker News22h
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
Next.js flaw CVE-2025-29927 bypasses authorization checks in versions 12.3.5 to 15.2.3, risking admin page access.