The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...

13-year-old bug in ActiveMQ lets hackers remotely execute commands

Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone ...
The Hacker News

Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region

Hack-for-hire phishing tied to Bitter targeted MENA journalists from 2023–2025, compromising an Apple account and enabling ...