Hackers compromise NGINX servers to redirect user traffic

A threat actor is compromising NGINX servers in a campaign that hijacks user traffic and reroutes it through the attacker's ...
The Hacker News

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

Active React2Shell exploitation uses malicious NGINX configurations to hijack web traffic, targeting Baota panels, Asian TLDs, and government domains.