A critical security flaw in NGINX web servers that went undetected for 16 years is now being actively exploited by hackers just days after patches were released. The vulnerability, dubbed "Nginx Rift," affects millions of internet-exposed servers and can trigger denial-of-service conditions on default installations, while potentially allowing remote code execution on systems without proper security protections. Security researchers warn that while roughly 5.7 million servers are exposed, successful exploitation requires specific configurations, making the truly vulnerable population a smaller subset.