Dossier
F5
Coverage of F5 in the Nexus archive.
- F5 issues out-of-band patches for critical NGINX vulnerabilities
Cybersecurity company F5 has released out-of-band security updates to address multiple NGINX web server vulnerabilities. The updates include fixes for two critical-severity flaws that could allow attackers to execute code on vulnerable systems.
- NGINX Rift attackers waste no time targeting exposed servers
A newly disclosed NGINX bug, dubbed 'NGINX Rift', is being actively exploited by attackers, with over 5.7 million internet-exposed servers potentially vulnerable. The bug, assigned a CVSS score of 9.2, can cause a crashed worker process and forced restart, and potentially allow code execution in certain configurations. Researchers are seeing active exploitation attempts just days after the CVE was published.