THREATNOIR
Subscribe
Back to show
Red vs Blue Show

Nginx UI Auth Bypass Under Active Exploitation

Apr 16, 2026 · 1:40

An unauthenticated endpoint in Nginx UI (CVE-2026-33032) allows remote attackers to invoke privileged Model Context Protocol actions and achieve full serve…

X

Watch next

Miasma Worm Rides PyPI to Steal Dev Secrets
1:40

Miasma Worm Rides PyPI to Steal Dev Secrets

Jun 8, 2026

Palo Alto Auth Bypass Goes From Medium to Mayhem
1:40

Palo Alto Auth Bypass Goes From Medium to Mayhem

Jun 2, 2026

AI Slop Forks Poison Open-Source Repos
1:40

AI Slop Forks Poison Open-Source Repos

Jun 1, 2026

Fake Claude Code Sites Drop Fileless Stealer
1:40

Fake Claude Code Sites Drop Fileless Stealer

May 31, 2026

One Forged Header Bypasses Fortinet Authentication
1:40

One Forged Header Bypasses Fortinet Authentication

May 29, 2026

Ransomware Crew Walks Into Law Firms Literally
1:40

Ransomware Crew Walks Into Law Firms Literally

May 28, 2026

Hardcoded Keys Let Attackers Own Every LMS
1:40

Hardcoded Keys Let Attackers Own Every LMS

May 27, 2026

Ghost CMS SQL Injection Owns 700 Sites
1:40

Ghost CMS SQL Injection Owns 700 Sites

May 26, 2026

340 Million OnlyFans Records Stitched From Old Leaks
1:00

340 Million OnlyFans Records Stitched From Old Leaks

May 25, 2026