GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...

GitHub rushed to fix a critical vulnerability in less than six hours

GitHub’s engineering team developed a fix and deployed it just over an hour after identifying the root cause, protecting both ...
Cybernews

NGINX is critically vulnerable: hackers can crash servers and run remote code with no authentication

A critical, 18-year-old vulnerability in the NGINX web server has been discovered, which allows unauthenticated attackers to ...
The Hacker News

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.