BuzzSec

Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. The vulnerability, discovered by depthfirst, is a heap buffer overflow issue impacting ngx_http_rewrite_module (CVE-2026-42945, CVSS v4 score: 9.2) that could allow an attacker to achieve remote code execution or cause a from The Hacker News https://thehackernews.com/2026/05/18-year-old-nginx-rewrite-module-flaw.html

Introduction The Asia-Pacific and Japan (APJ) region, with its dynamic economic growth and technological advancements, presents unique challenges and opportunities in the realm of human risk management and agentic risk management, particularly within the financial services sector. As financial institutions strive to protect themselves from increasing cyber threats, they must align their security practices with the regulations set forth by central banks across the countries. from KnowBe4 Blog https://blog.knowbe4.com/navigating-the-cybersecurity-landscape-in-india-empowering-human-and-ai-agents

In the ever-evolving world of cybersecurity, staying ahead of the curve is not just a goal—it’s a necessity. As new vulnerabilities emerge, the race to identify and mitigate them begins. But how do we, the guardians of the digital realm, rapidly pinpoint these threats as they become public? Let’s dive into the fascinating world of vulnerability identification and see how the magic happens. The post How to Identify and Exploit New Vulnerabilities appeared first on Black Hills Information Security, Inc. . from Black Hills Information Security, Inc. https://www.blackhillsinfosec.com/how-to-identify-and-exploit-new-vulnerabilities/

A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an expansion of its targeting. The activity has been attributed by Bitdefender with moderate-to-high confidence to a hacking group known as FamousSparrow (aka UAT-9244), which shares some level of from The Hacker News https://thehackernews.com/2026/05/azerbaijani-energy-firm-hit-by-repeated.html

Introduction The Philippines, like many other nations, is witnessing a dramatic increase in cyber threats, fueled by the rapid adoption of digital technologies and the proliferation of sophisticated cybercriminals. This article examines the evolution of cyber threats in the Philippines, with a focus on phishing, email security and the risks posed by agentic AI. It also highlights the inadequacy of legacy security systems in addressing these challenges and explores the role of KnowBe4's innovative tools, namely Agent Risk Manager (ARM), Collaboration Security and Security Awareness Training , in enhancing cybersecurity preparedness. from KnowBe4 Blog https://blog.knowbe4.com/philippines-cyber-threats-ai-email-security-report

Introduction The Asia-Pacific and Japan (APJ) region, with its dynamic economic growth and technological advancements, presents unique challenges and opportunities in the realm of human risk management and agentic risk management, particularly within the financial services sector. As financial institutions strive to protect themselves from increasing cyber threats, they must align their security practices with the regulations set forth by central banks across the countries. from KnowBe4 Blog https://blog.knowbe4.com/navigating-human-agentic-risks-apj-financial-institutions