The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
CSO Online

Microsoft says web-enabled AI agents can trigger host-level RCE

Microsoft’s AutoJack research shows how a malicious webpage rendered by an AI browsing agent can reach local MCP services and ...
The Hacker News

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

Cisco Unified CM CVE-2026-20230 is under active exploitation, allowing file writes on WebDialer-enabled systems.
Bleeping Computer

New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute

A new denial-of-service (DoS) attack dubbed HTTP/2 Bomb can be launched from a single machine to take down web servers within seconds. The technique works on default HTTP/2 configurations of major web ...
Hosted on MSN

A remote denial-of-service exploit affects every major web server — NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora — researchers warn

Security researchers have identified a remote denial-of-service attack technique that targets HTTP/2 compression handling across five of the most widely deployed web servers: NGINX, Apache HTTPD, ...
The Verge

Microsoft is threatening legal action for disclosing exploits

The company is feuding with a security researcher publicly posting vulnerabilities. The company is feuding with a security researcher publicly posting vulnerabilities. is the Verge’s weekend editor.
Bleeping Computer

Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges

Update: Added statement from Microsoft to the end of this article. A security researcher has released a new Microsoft Defender zero-day exploit named "RoguePlanet" just hours after Microsoft fixed two ...
TheServerSide

Tomcat vs. Apache HTTP Server: What's the difference?

What's the difference between Tomcat and Apache? It's a question developers hear frequently. But, when worded that way, it contains some misleading assumptions. Normally, when people ask this question ...
PC Magazine

Web Hosting Roundups

Virtual private server (VPS) hosting is an excellent combination of affordability and power. The top VPS web hosting services we've tested let you build an attractive, stable, and secure website with ...
TWCN Tech News

Windows Server Manager not opening or working in Windows Server and Client

Server Manager is a Windows tool that allows you and other IT professionals to manage local and remote Windows-based servers from your desktops without accessing the servers or connecting to the ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Latest Hacking News

Cisco Unified CM SSRF Flaw Is Being Exploited to Drop Webshells

Attackers are actively exploiting a critical Cisco Unified CM SSRF vulnerability, tracked as CVE-2026-20230, to plant persistent webshells on exposed servers. Tor-anonymised sweeps began around June ...