HackingPassion.comNginx
4 posts
HTTP/2 Bomb Takes Down nginx Apache IIS Envoy and Cloudflare
A new exploit called HTTP/2 Bomb lets one ordinary home computer take down nginx, Apache, Microsoft IIS, Envoy and Cloudflare Pingora, the web servers behind a …
NGINX Has Had This Bug Since 2008 and One Request Is Enough to Trigger It
NGINX Rift: An 18-year-old memory corruption bug in NGINX, the web server running on roughly one-third of all websites globally, lets an unauthenticated …
Nginx-UI MCPwn (CVE-2026-33032): Full Server Takeover With One Unauthenticated Request
A critical vulnerability in nginx-ui has been actively exploited since March 2026, and it gives any attacker on the network full control over the nginx server …
Hackers Are Hijacking NGINX Servers Without Installing Malware
Hackers are hijacking NGINX web servers and rerouting live traffic through their own infrastructure. No malware installed, no vulnerability exploited. Just a …