Security news.
Today's security landscape is marked by critical vulnerabilities under active exploitation, particularly in NGINX and Microsoft Exchange, alongside evolving phishing tactics targeting Microsoft 365. The rise of AI-generated code and AI agents also presents new challenges for defenders, capable of discovering and exploiting obscure flaws.
NGINX CVE-2026-42945 Actively Exploited
A critical heap buffer overflow (CVE-2026-42945) in NGINX Plus and NGINX Open, affecting versions 0.6.27 through 1.30.0, is under active exploitation, potentially leading to worker crashes and RCE.
Tycoon2FA Phishing Kit Targets Microsoft 365
The Tycoon2FA phishing kit has been updated to support device-code phishing attacks, leveraging Trustifi click-tracking URLs to hijack Microsoft 365 accounts.
THORChain Halts Trading After $10 Million Theft
The THORChain crypto exchange temporarily halted trading following a $10 million theft, though the company claims end-user funds were not affected.
AI Agents Posing New Exploitation Risks
The emergence of AI agents capable of discovering and exploiting obscure vulnerabilities, coupled with the proliferation of AI-generated code, is forcing cybersecurity defenders to adapt.
Grafana GitHub Token Breach
Grafana disclosed that an unauthorized party obtained a GitHub token, allowing access to their environment and codebase download, though no customer data was impacted.
Microsoft Rejects Azure Vulnerability Report
A security researcher claims Microsoft quietly fixed a critical Azure Backup for AKS vulnerability after rejecting his report and without issuing a CVE, a claim Microsoft disputes.
Funnel Builder Flaw Exploited for WooCommerce Skimming
A critical vulnerability in the WordPress Funnel Builder plugin is being actively exploited to inject malicious JavaScript into WooCommerce checkout pages to steal payment data.
Microsoft Exchange Server Zero-Day Exploited
Microsoft has warned of active exploitation of a cross-site scripting vulnerability (CVE-2026-42897) in on-premise Exchange Server, with CISA adding it to its KEV catalog.