Threat Post

PHP Bug Allows Remote Code-Execution on NGINX Servers

CVE-2019-11043 is trivial to exploit — and a proof of concept is available. A buffer underflow bug in PHP could allow remote code-execution (RCE) on targeted NGINX servers. First discovered during a ...
Ars Technica

Attack hitting Apache sites goes mainstream, hacks nginx, Lighttpd, too

Security researchers have uncovered an ongoing and widespread attack that causes sites running three of the Internet’s most popular Web servers to push potent malware exploits on visitors. “This is ...