Critical Nginx UI auth bypass flaw now actively exploited in the wild

Published on April 15, 2026

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full server takeover without authentication. [...]

Continue reading on website
Other news

New AgingFly malware used in attacks on Ukraine govt, hospitals

April 15, 2026
A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal authentication data from Chromium-based browsers and WhatsApp messenger. [...]

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

April 16, 2026
The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and WhatsApp.The activity, which was observed between March and April