A critical vulnerability discovered by AI spans most of the history of NGINX, which was first made available in 2004. The web ...

For roughly 18 years, a chunk of code inside one of the internet’s most popular web servers quietly carried a critical ...

Depthfirst has published technical details and proof-of-concept (PoC) exploit code targeting a critical NGINX vulnerability.

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.

TL;DR: Researchers recently disclosed CVE-2026-42945, a critical heap-based buffer overflow vulnerability affecting both NGINX Open Source and NGINX Plus. The flaw exists within the ...

AI-enhanced vulnerability discovery is transforming cybersecurity into an industrialized process that outpaces human remediation capacity, raising severe legal, liability, and operational risks as ...

Mythos outperformed rival models in vulnerability discovery, particularly in live-plus-source testing, but showed limitations ...

The flaw is in the same family as Dirty Frag and allows privilege escalation at kernel level.

AI agents capable of discovering and exploiting obscure vulnerabilities are emerging alongside developers producing vast ...

Exim has released security updates to address a severe security issue affecting certain configurations that could enable ...

GitHub’s engineering team developed a fix and deployed it just over an hour after identifying the root cause, protecting both ...

Two weeks in, Mythos' potential vulnerability apocalypse is still being figured out. What's likely to happen next and in the long term.