From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...

Ubuntu's web infrastructure is under a sustained, cross-border attack

A whole range of Ubuntu sites and services seem to be affected.
Forbes

Microsoft Confirms Global SharePoint Attack — Emergency Update Issued

Update, July 21, 2025: This story, originally published on July 20, has been updated to include additional expert comments regarding the global zero-day attack impacting Microsoft on-premise ...
CRN

Five Things To Know On Microsoft SharePoint Server ‘ToolShell’ Attacks

Security experts are urging organizations with on-premises SharePoint Servers to deploy emergency patches amid attacks that have reportedly led to compromises worldwide. Security experts are urging ...
CSOonline

Critical nginx UI tool vulnerability opens web servers to full compromise

Security vendor Pluto Security has published details of a critical vulnerability in the open-source nginx UI web server configuration tool that has been under active exploitation by cybercriminals ...
Linux Journal

Hardening Linux Servers Against Threats and Attacks

Linux servers are known for their reliability and security, which has made them popular in both enterprise and individual deployments. However, no system is impervious to attacks. With cyber threats ...

Mastodon says its flagship server was hit by a DDoS attack

The DDoS attack against Mastodon's flagship server comes less than a week after Bluesky was targeted with junk web traffic.
Fox News

Web skimming attacks target major payment networks

Online shopping feels familiar and fast, but a hidden threat continues to operate behind the scenes. Researchers are tracking a long-running web skimming campaign that targets businesses connected to ...