TechJuice

KP Government Database Allegedly Leaked on Dark Web

A threat actor claims to have leaked a database from a KP government domain, exposing login credentials, user roles, and ...
Communications of the ACM

Subscription Bombing: Email under Attack

Email subscription bombing (also known as subscription flooding or email spam bombing) is an attack technique that overwhelms ...
Computer Weekly

SmartBear fills honeypot of AI-ready API governance

SmartBear Swagger is a suite of tools for designing, building, documenting and testing RESTful APIs (standardised web services using http methods to manage resource data) using the OpenAPI ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...
CSO Online

Critical nginx UI tool vulnerability opens web servers to full compromise

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...
The Hacker News

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

According to Cisco Talos, it's these URL-exposed webhooks – which make use of the same *.app.n8n [.]cloud subdomain – that ...

Web residential proxies: The ultimate solution for SEO tools

Automated tools hitting the same endpoints repeatedly? Throttled or banned. This is where web residential proxies step in.
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
InfoWorld

Ease into Azure Kubernetes Application Network

Microsoft has simplified service mesh scaling and management with an ambient-based service network for AKS. Here’s how to get ...

Cisco Webex SSO flaw needs manual certificate update to fix

The cloud-based Webex service has already been patched, but admins must replace an identity provider certificate in Webex ...

Iran's forced nationwide internet blackout becomes second-longest on record as it passes 1,000 hours offline — possessing Starlink terminals punishable by death, cou…

Iran's nationwide Internet blackout has crossed the 1,000-hour mark and is now the second longest nation-scale shutdown ever ...
Dark Reading

Critical MCP Integration Flaw Puts NGINX at Risk

Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration ...