Depthfirst has published technical details and proof-of-concept (PoC) exploit code targeting a critical NGINX vulnerability.

Other noteworthy stories that might have slipped under the radar: Nvidia cloud gaming data breach, Android 17 security upgrades, FBI warning after ShinyHunters hacks Canvas. SecurityWeek’s weekly ...

Microsoft is working to patch CVE-2026-42897, an Exchange Server zero-day vulnerability that has been exploited in attacks.

Cisco has patched yet another critical SD-WAN zero-day vulnerability, the sixth SD-WAN flaw whose exploitation came to light ...

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security ...

Google has released a Chrome 148 update that resolves 79 vulnerabilities, including 14 critical-severity security defects.

OpenAI has rotated code-signing certificates after code repositories containing them were compromised in the TanStack supply ...

A disgruntled security researcher this week publicly disclosed two zero-day vulnerabilities in Windows that enable BitLocker ...

A ransomware attack forced West Pharmaceutical Services to take systems offline globally, disrupting operations.

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...

Linux distributions are affected by Fragnesia, a new kernel vulnerability tracked as CVE-2026-46300 that can be exploited for ...

Data centers have always been among the most challenging environments to secure. Physical servers host hypervisors.