TECH NEWS

NGINX Rift attackers waste no time targeting exposed servers

Researchers say 18-year-old flaw already being probed and exploited just days after disclosure

Exploit attempts are already hammering a newly disclosed NGINX bug dubbed "NGINX Rift," proving once again that attackers read patch notes faster than most admins.

Researchers at VulnCheck said they are seeing active exploitation tied to CVE-2026-42945, a heap buffer overflow flaw affecting both NGINX Open Source and NGINX Plus that was disclosed last week after apparently sitting unnoticed for 18 years.

VulnCheck's Patrick Garrity said the company observed exploitation activity on its canary systems "just days after the CVE was published."

"An unauthenticated attacker can crash the NGINX worker process by sending crafted HTTP requests," he said. "On servers with ASLR disabled – which, of course, is extremely unlikely – code execution is possible."

Researchers at Depthfirstdisclosed the bug last week, saying the flaw had been sitting in NGINX's rewrite module since 2008. The vulnerability,...

Copyright of this story solely belongs to theregister.com. To see the full text click HERE

https://cdn1.expresscomputer.in/wp-content/uploads/2026/05/20182530/New-Project-2026-05-20T182520.591.jpg

MANN+HUMMEL launches Global Technology & Innovation Center in Karnataka, strengthening India as a global hub for filtration innovation

MANN+HUMMEL announced the launch of its new state-of-the-art Global Technology & Innovation Center in Tumkur, Karnataka, marking a significant milestone in its global growth strategy. Positioned as MANN+HUMMEL’s largest development centre outside Germany, the facility reinforces India’s role as a critical hub for engineering, innovation, and

https://platform.theverge.com/wp-content/uploads/sites/2/2026/05/STKP224_KEVIN_O_LEARY_CVIRGINIA_B.jpg?quality=90&strip=all&crop=0%2C10.732984293194%2C100%2C78.534031413613&w=1200

The biggest data center ever is becoming a huge problem in Utah

Utah may host one of the world’s most colossal data centers, despite stark warnings from experts and fierce public backlash. Earlier this month, commissioners in Box Elder County signed off on the Stratos Project: a 40,000-acre data center stretching across the county’s Hansel Valley. It’s supposed

https://image.theregister.com/5243418.jpg?imageId=5243418&x=0&y=20.6&cropw=100&croph=70.88&panox=0&panoy=20.6&panow=100&panoh=70.88&width=1200&height=683

'Workforce rebalancing' comes for Kyndryl, and delivery teams are in the firing line

Big Blue spinout eyes up to $500M in savings and agentic AI while insiders grumble it's still 'IBM without the hardware' EXCLUSIVE Kyndryl – the global technology services division spun out of IBM in 2021 – is cutting jobs to reduce overheads and "streamline our operations"

https://image.theregister.com/5243350.jpg?imageId=5243350&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683

Microsoft says cu l8r to text message security

Old, busted, insecure authentication to be replaced with something shinier and safer Microsoft has confirmed that SMS is on the way out as a method of authentication and recovery for personal Microsoft accounts. Fraud and dubious security were cited as reasons for the move: "SMS authentication is vulnerable to

Read more

MANN+HUMMEL launches Global Technology & Innovation Center in Karnataka, strengthening India as a global hub for filtration innovation

The biggest data center ever is becoming a huge problem in Utah

'Workforce rebalancing' comes for Kyndryl, and delivery teams are in the firing line

Microsoft says cu l8r to text message security