TechBleepingComputer3h ago
Critical Nginx UI auth bypass flaw now actively exploited in the wild
TL;DRNginx UI has a critical bug letting attackers take over servers without logging in.
Why it matters: Active exploitation means unpatched systems are compromised now; immediate patching required.
A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full server takeover without authentication. [...]
Read full articleSource: BleepingComputer · Opens in new tab