Several nginx security advisories

If you’re using nginx, get to updating as soon as your OS provides packages. There were a slew of buffer overflow/overread, use-after-free, and injection advisories announced today, impacting all versions below 1.30.1 (though your OS may backport fixes rather than updating to 1.30.1; check the package changelog for the matching CVE entries to confirm whether your package has been patched).

LLMs have gotten very good at finding security vulnerabilities, even in old, well-tested, and historically secure software. So, for the foreseeable future, I recommend you stay particularly tuned into your OS updates.

We’re also rolling updates to Webmin/Virtualmin on an accelerated cadence as we find issues with AI assistance. So far, we haven’t found any “stop the world, we have to push an update yesterday!” level issues, but there are security updates in the last couple of our releases, and we have more coming in the next few days.

Staying on top of package updates is always important, but right now, it is perhaps the most important part of your daily routine, if you maintain any servers.

3 Likes
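The changelog check described in the post above, as an added example that is not part of the original post or of any project's tooling: a package counts as patched if its version is at least 1.30.1, or if its changelog names every CVE from the advisories. The function names, the sample changelog and the CVE IDs are constructed placeholders; substitute the real IDs from the nginx advisories.

```shell
#!/bin/sh
# Added example (not from the post). FIXED_VERSION is the version the post names.
FIXED_VERSION="1.30.1"

# version_ge A B: true when version A >= version B (relies on GNU `sort -V`).
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# missing_cves CHANGELOG_TEXT CVE...: print each CVE ID absent from the changelog.
# -w stops a shorter ID from matching inside a longer one; -F treats it literally.
missing_cves() {
    changelog=$1; shift
    for cve in "$@"; do
        printf '%s\n' "$changelog" | grep -qiwF -- "$cve" || printf '%s\n' "$cve"
    done
}

# nginx_patch_status VERSION CHANGELOG_TEXT CVE...
# Prints "fixed-upstream", "fixed-backport" or "unpatched: <ids>" (exit 1).
nginx_patch_status() {
    version=$1; changelog=$2; shift 2
    if version_ge "$version" "$FIXED_VERSION"; then
        echo "fixed-upstream"; return 0
    fi
    missing=$(missing_cves "$changelog" "$@" | tr '\n' ' ')
    if [ -z "$missing" ]; then
        echo "fixed-backport"; return 0
    fi
    echo "unpatched: ${missing% }"; return 1
}

# Constructed sample input: a distro changelog that backported two fixes.
SAMPLE_CHANGELOG='nginx (1.24.0-2+sec1) stable-security; urgency=high
  * SECURITY UPDATE: backport upstream fixes
    - CVE-0000-0001
    - CVE-0000-0002'

# On a live host, feed it real data instead, for example:
#   version from `nginx -v 2>&1`
#   changelog from `apt-get changelog nginx` or `rpm -q --changelog nginx`
nginx_patch_status "1.24.0-2+sec1" "$SAMPLE_CHANGELOG" CVE-0000-0001 CVE-0000-0002
```

An "unpatched" result means only that the changelog does not mention the ID; confirm against the distro's security tracker before concluding the host is exposed.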

I haven’t seen anything specific to PHP but it seems I’ve had to update a few times in the past couple weeks or so.