Security Boulevard

Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic

CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy Plug-in for Apache HTTP Server and Microsoft IIS. An unauthenticated attacker with HTTP ...

Serious Blockchain Investors Use Proxy Servers to Mask Wallet Activity. You Should Too

how the IP behaves over time: a “sticky” setup keeps the same exit IP for a period, which helps if you want consistency for logins and sessions, while a rotating setup changes IPs on a schedule or per ...

Hackers compromise NGINX servers to redirect user traffic

A threat actor is compromising NGINX servers in a campaign that hijacks user traffic and reroutes it through the attacker's ...
The Hacker News

TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

Worm-driven TeamPCP campaign exploits Docker, Kubernetes, Redis, Ray, and React2Shell to build proxy infrastructure for data theft and ransomware.

MCP shipped without authentication. Clawdbot shows why that's a problem.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.
The Hacker News

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

Active React2Shell exploitation uses malicious NGINX configurations to hijack web traffic, targeting Baota panels, Asian TLDs ...

Global proxy operator IPIDEA denies Google's malicious intent allegations

Developers signing up with IPIDEA can use the SDK to monetise their applications, by providing access to residential ...
CSO Online

New APT group breached gov and critical infrastructure orgs in 37 countries

Security researchers from Palo Alto Networks believe the likely Asia-based group is expanding its activities, which include ...

NGINX servers hijacked in global campaign to redirect traffic

Redirected traffic can be abused in multiple ways, experts warn ...

The silent DNS malware that’s redefining email and web-based cyberattacks

Thousands of real websites are hijacked by cybercriminals using DNS to invisibly redirect and infect victims.

Who are phantom 'bombers' haunting Delhi schools and why tracing them is 'next to impossible'?

A Delhi Police officer described tracking someone on the dark web as akin to pursuing a shadow in a hall of mirrors, where ...
Network World

DKnife targets network gateways in long running AitM campaign

Active since at least 2019, the China-linked framework operates at network gateways to inspect and manipulate in-transit ...