Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
PCMag

Stuck on a Website? Google Cracks Down on Aggravating 'Back Button Hijacking'

Google says it's seen a rise in shady and spam websites using 'Back button hijacking' to try and trap or manipulate users ...