Morning Overview on MSN

An 18-year-old heap buffer overflow in NGINX gives attackers remote code execution — billions of devices run the affected module

A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...
CPO Magazine

AI Unearths Critical Vulnerability Hidden in NGINX Web Servers for 18 Years

A critical vulnerability discovered by AI spans most of the history of NGINX, which was first made available in 2004. The web ...
Cybernews

NGINX is critically vulnerable: hackers can crash servers and run remote code with no authentication

A critical, 18-year-old vulnerability in the NGINX web server has been discovered, which allows unauthenticated attackers to ...

18-year-old NGINX vulnerability allows DoS, potential RCE

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for ...
InfoWorld

Nginx web server upgrade focuses on web security, JavaScript configuration

Nginx Plus Release 10 adds a web app firewall, IP transparency, and support for the nginScript configuration and control language Security rules the day in version 10 of Nginx’s enterprise-level web ...
Linux Journal

ModSecurity and nginx

nginx is the web server that's replacing Apache in more and more of the world's websites. Until now, nginx has not been able to benefit from the security ModSecurity provides. Here's how to install ...