Category: eSecurity Planet

Microsoft issued an emergency patch for an actively exploited Microsoft Office zero-day enabling code execution. The post Microsoft Issues Emergency Patch for Active Office Zero-Day appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…

Read more →

A backdoor bug in a WordPress plugin with 20,000+ installs lets attackers create admin accounts without logging in. The post 20,000 WordPress Sites at Risk From Plugin Admin Backdoor appeared first on eSecurity Planet. This article has been indexed from…

Read more →

Attackers are abusing SharePoint links in an AiTM phishing campaign to hijack sessions at energy firms and enable BEC attacks, even with MFA enabled. The post Energy Firms Targeted in SharePoint AiTM Session Hijacking appeared first on eSecurity Planet. This…

Read more →

Weekly summary of Cybersecurity Insider newsletters The post Critical Vulnerabilities and Phishing Campaigns Dominate Cybersecurity Headlines appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Critical Vulnerabilities and Phishing Campaigns Dominate Cybersecurity…

Read more →

A GNU InetUtils telnetd flaw lets attackers log in as root without a password. The post GNU InetUtils Telnetd Flaw Lets Attackers Log In as Root appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…

Read more →

CVE-2026-21962 lets unauthenticated attackers remotely compromise Oracle WebLogic proxies. The post Oracle WebLogic Proxy Bug Enables Unauthenticated Remote Compromise appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Oracle WebLogic Proxy Bug…

Read more →

A LinkedIn phishing campaign uses DLL sideloading to gain stealthy, persistent access. The post LinkedIn Phishing Abuses DLL Sideloading for Persistent Access  appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: LinkedIn…

Read more →

A DNS flaw in Azure Private Link can trigger DoS-like outages across linked VNETs. The post Azure DNS Behavior Can Turn Private Endpoints Into DoS Risks appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…

Read more →

LayerX says GhostPoster spread across 17 extensions and 840,000 downloads. The post LayerX Links GhostPoster to 17 Extensions and 840K Downloads  appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: LayerX Links…

Read more →

Cisco says attackers are actively exploiting CVE-2025-20393, a critical RCE flaw in Secure Email appliances. The post Cisco Secure Email Appliance RCE Exploited in Attacks appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…

Read more →

Wiz says an AWS CodeBuild flaw could have enabled GitHub repo hijacks, though AWS reports no impact. The post AWS Console Supply Chain Flaw Could Have Enabled GitHub Repo Hijacks appeared first on eSecurity Planet. This article has been indexed…

Read more →

Flare’s research shows phishing kits now run like SaaS, built to bypass MFA. The post Flare Research: Phishing Kits Now Operate Like SaaS Platforms appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…

Read more →

AI-driven phishing is accelerating, making Human Risk Management critical. The post AI-Powered Phishing Makes Human Risk Management Critical appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: AI-Powered Phishing Makes Human Risk…

Read more →

Weekly summary of Cybersecurity Insider newsletters The post Exploits, AI Threats, and Cloud Malware Mark a Turbulent Week appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Exploits, AI Threats, and Cloud…

Read more →

Fortinet warns CVE-2025-64155 is actively exploited for unauthenticated RCE on on-prem FortiSIEM via TCP 7900. The post Fortinet Warns of Active FortiSIEM RCE Exploitation appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…

Read more →

CVE-2026-20824 lets Windows Remote Assistance bypass Mark of the Web, easing execution of malicious downloaded files. The post Windows Remote Assistance Flaw Bypasses Mark of the Web appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet…

Read more →

CVE-2026-20965 enables tenant-wide Azure compromise from one Windows Admin Center host. The post Windows Admin Center Azure SSO Flaw Risks Tenant-Wide Compromise appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Windows…

Read more →

CVE-2026-23550 is being exploited to gain unauthenticated admin access via the Modular DS WordPress plugin. The post 40K WordPress Installs at Risk From Modular DS Admin Bypass appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet…

Read more →

Palo Alto Networks patched CVE-2026-0227, a PAN-OS DoS bug that can disrupt GlobalProtect gateways and portals. The post Palo Alto Networks Patches PAN-OS Bug That Can Disrupt GlobalProtect appeared first on eSecurity Planet. This article has been indexed from eSecurity…

Read more →

Check Point researchers say VoidLink shows how cloud-native Linux malware is evolving with stealthy, modular persistence. The post Check Point Research: VoidLink Shows Cloud-Native Linux Malware Evolving appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet…

Read more →