eSecurity Planet - Latest News and Information

Website offering cybersecurity news and IT security strategy guidance.

Recent Posts

FreeBSD Jail Escape Flaw Breaks Filesystem Isolation
News•Feb 27, 2026

A critical vulnerability identified as CVE-2025-15576 compromises FreeBSD 13.5 and 14.3 by allowing a jailed process to escape its chroot through a nullfs‑shared directory and Unix domain socket. The flaw bypasses kernel‑enforced filesystem boundaries, granting full host‑filesystem access to an attacker controlling processes in sibling jails. No workaround exists, but the FreeBSD project has issued a patch. Exploitation requires a specific configuration, yet the potential impact on multi‑tenant and security‑sensitive workloads is severe.

By eSecurity Planet
ServiceNow AI Platform Vulnerability Enables Unauthenticated RCE
News•Feb 26, 2026

ServiceNow disclosed and patched a critical vulnerability, CVE-2026-0542, in its AI Platform that could allow unauthenticated remote code execution. The flaw bypasses the ServiceNow Sandbox, affecting web interfaces, API endpoints, and automation modules, and carries a CVSS rating of 9.8....

By eSecurity Planet
ShinyHunters Claims Wynn Resorts Data Theft
News•Feb 25, 2026

Wynn Resorts disclosed that an unauthorized party accessed employee data after the casino‑hospitality firm appeared on ShinyHunters' extortion leak site. The group claims to have stolen more than 800,000 records, including Social Security numbers, from Wynn's Oracle PeopleSoft HR platform....

By eSecurity Planet
Google Patches Three High-Severity Chrome Flaws
News•Feb 24, 2026

Google released a Chrome security update that fixes three high‑severity vulnerabilities (CVE‑2026‑3061, CVE‑2026‑3062, CVE‑2026‑3063). Two of the flaws involve out‑of‑bounds memory reads, while the third adds out‑of‑bounds writes in the WebGPU shader compiler. The bugs affect Chrome’s media stack, the...

By eSecurity Planet
Ransomware, Zero-Days, and Data Breaches Shape This Week’s Cybersecurity Landscape
News•Feb 23, 2026

This week’s cybersecurity briefing spotlights a Dell RecoverPoint zero‑day that’s actively delivering web shells in VMware environments, alongside critical Ivanti EPMM remote‑code‑execution flaws and an Apache NiFi RBAC bypass. Over 40% of OpenClaw AI skills were found vulnerable, highlighting supply‑chain...

By eSecurity Planet
Apache Tomcat Vulnerability Circumvents Access Rules
News•Feb 20, 2026

Apache Tomcat’s CVE‑2026‑24733 vulnerability allows attackers to bypass security constraints that permit HEAD but deny GET requests by sending a malformed HEAD request using the obsolete HTTP/0.9 protocol. The flaw stems from Tomcat’s legacy handling of HTTP/0.9, which does not...

By eSecurity Planet
Better-Auth Flaw Allows Unauthenticated API Key Creation
News•Feb 19, 2026

A critical flaw (CVE‑2025‑61928) in the better‑auth npm library’s API‑key plugin lets unauthenticated actors mint privileged API keys for arbitrary users. The vulnerability stems from improper authorization checks in the createApiKey and updateApiKey handlers, which accept a userId without a...

By eSecurity Planet
OpenClaw Flaw Enables AI Log Poisoning Risk
News•Feb 17, 2026

A log‑poisoning flaw was discovered in OpenClaw’s gateway server, affecting versions up to 2026.2.12. The vulnerability arises from unsanitized WebSocket headers—such as Origin and User‑Agent—being written directly to structured logs when a handshake is aborted. An unauthenticated attacker could inject...

By eSecurity Planet
CVE-2026-25903 Impacts Apache NiFi Users
News•Feb 17, 2026

A new vulnerability, CVE‑2026‑25903, affects Apache NiFi versions 1.1.0 through 2.7.2 and was patched in 2.8.0. The flaw allows users with limited privileges to modify the configuration of already‑deployed restricted components, bypassing the platform’s authorization checks. While it does not...

By eSecurity Planet
BeyondTrust RCE Exploited for Domain Control
News•Feb 16, 2026

Attackers are actively exploiting CVE‑2026‑1731, an unauthenticated OS command injection flaw in self‑hosted BeyondTrust Remote Support and Privileged Remote Access appliances. The vulnerability enables remote code execution, allowing threat actors to run commands as SYSTEM, install the SimpleHelp RMM tool,...

By eSecurity Planet
1,800+ Windows Servers Hit by BADIIS SEO Malware
News•Feb 13, 2026

Elastic researchers uncovered a large‑scale SEO poisoning campaign that has compromised more than 1,800 Windows servers running Microsoft IIS. The BADIIS malware installs as a native IIS module, intercepting crawler traffic and injecting malicious backlinks to promote illicit gambling and...

By eSecurity Planet
Apple Patches Actively Exploited Zero-Day Flaw
News•Feb 12, 2026

Apple has issued patches for CVE-2026-20700, a zero‑day vulnerability in the dyld dynamic linker affecting iOS, iPadOS, macOS, tvOS, watchOS and visionOS. The flaw enables arbitrary code execution with memory‑write capability and was actively exploited in highly sophisticated, targeted attacks,...

By eSecurity Planet
Viral AI Caricatures Highlight Shadow AI Dangers
News•Feb 12, 2026

A viral Instagram and LinkedIn trend sees millions prompting ChatGPT to generate caricatures that describe their jobs, then posting the images publicly. The practice unintentionally reveals how employees use large language models (LLMs) at work and what data they may...

By eSecurity Planet
CVE-2026-25646: Legacy Libpng Flaw Poses RCE Risk
News•Feb 11, 2026

CVE‑2026‑25646 reveals a heap‑buffer overflow in libpng’s png_set_quantize function, a flaw that has existed for nearly three decades across all historic releases. The bug triggers when a PNG image contains a palette chunk without a histogram and requests color quantization,...

By eSecurity Planet
CVE-2026-21514: Actively Exploited Word Flaw Evades OLE Security
News•Feb 11, 2026

Microsoft disclosed CVE‑2026‑21514, an actively exploited vulnerability in Word that bypasses Object Linking and Embedding (OLE) security controls. The flaw lets specially crafted documents execute code without triggering Protected View or enable‑content prompts, requiring only a user to open the...

By eSecurity Planet
