Hackers compromise NGINX servers to redirect user traffic

Published on February 4, 2026

A threat actor is compromising NGINX servers in a campaign that hijacks user traffic and reroutes it through the attacker's backend infrastructure. [...]

Continue reading on website
Other news

Critical n8n flaws disclosed along with public exploits

February 4, 2026
Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of the environment and taking complete control of the host server. [...]

Hackers Exploit React2Shell to Hijack Web Traffic via Compromised NGINX Servers

February 5, 2026
Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that has targeted NGINX installations and management panels like Baota (BT) in an attempt to route it through the attacker's infrastructure.Datadog Security Labs said it observed threat actors associated with the recent React2Shell (CVE-2025-55182, CVSS score: 10.0) exploitation using malicious NGINX