Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The vulnerability has been codenamed HTTP/2 Bomb by Calif. “The vulnerable behavior exists in each server’s default HTTP/2 configuration,” the company said, adding it was discovered by OpenAI Codex by chaining
Tag: affects
Global Security News
CISA orders agencies to patch critical Oracle WebLogic Server vulnerability
The vulnerability, CVE-2024-21182, affects Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0.
Global Security News
Critical vulnerability in Universal Robots’ PolyScope OS allows remote command execution
The vulnerability, tracked as CVE-2026-8153 with a CVSS score of 9.8, affects all PolyScope software versions prior to 5.25.1.
Global Security News
Ghost CMS vulnerability exploited in large-scale campaign
The vulnerability, identified as CVE-2026-26980, affects Ghost versions 3.24.0 through 6.19.0, allowing unauthenticated attackers to steal admin API keys.
Global Security News
Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers
The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition
Exploits, Global Security News, Risk Management
9-Year-Old Dirty Frag Vulnerability Enables Root Access on Linux Systems
The Dirty Frag vulnerability affects Linux systems and allows root access escalation, while public PoC exploit code increases attack risks.
Data Breaches, Global Security News
What Is the Instructure Canvas Breach? Impact, Risks, and What Institutions Should Do
The Instructure Canvas breach affects universities, K–12 school districts, and teaching hospitals globally. This blog entry intends to provide context and practical guidance.
Global Security News
Shopify Web Design: Custom vs. Theme-Based — Which Is Right for You?
GUEST OPINION: The choice between a custom build and a prebuilt theme affects much more than launch cost. It shapes how fast your team can ship changes, how much control you have over conversion paths, how dependent the store becomes on apps, and how expensive future changes will be. That is why Shopify website design…
Global Security News
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
A newly disclosed vulnerability dubbed ‘PolyShell’ affects all Magento Open Source and Adobe Commerce stable version 2 installations, allowing unauthenticated code execution and account takeover. […]
AI, Compliance, Global Security News
What to Look for in Oil and Gas ERP Software Before You Invest
Buying ERP software for an oil and gas business is rarely a simple technology decision. It affects finance, field operations, procurement, maintenance, compliance, and long-term profitability all at once. That is why so many companies get stuck during the selection process. They are not just comparing software. They are trying to figure out what to…
Data Breaches, Global Security News
Ericsson Breach Exposes Data of 15k Employees and Customers
Ericsson data breach affects 15k employees/customers after third-party service provider compromise