Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
Ravie LakshmananMay 05, 2026Vulnerability / Server Security The Apache Software Foundation (ASF) has released security updates to address several security...
server
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
Ravie LakshmananApr 20, 2026Open Source / Server Security A critical security vulnerability has been disclosed in SGLang that, if successfully...
U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini...
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Ravie LakshmananApr 03, 2026Linux / Server Hardening Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web...
U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 16, 2026...
The CISO as a Business Leader: Moving from the Server Room to the Boardroom
The CISO as a Business Leader: Moving from the Server Room to the Boardroom In 2026, the era of the...
Critical Nginx UI flaw CVE-2026-27944 exposes server backups
Critical Nginx UI flaw CVE-2026-27944 exposes server backups Pierluigi Paganini March 08, 2026 Nginx UI flaw CVE-2026-27944 lets attackers download...
Enterprise tech spending to cross $6 trillion in 2026, driven by AI infrastructure boom
Server spending alone will rocket up 36.9% year-over-year, Gartner found, driven almost entirely by AI-optimized hardware. The hyperscalers, including AWS,...
Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic
What Is CVE-2026-21962? CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy...
U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog Pierluigi Paganini January 24,...
Common Issues with FreeRadius in Passwordless Implementations
Introduction to FreeRadius in a Passwordless World Ever tried explaining to a ceo why the "legacy" radio server is still...
