Tag: eSecurity Planet

A ransomware attack disrupted UMMC’s EMR system, forcing clinic closures and manual patient documentation. The post University of Mississippi Medical Center Closes Clinics After Ransomware Attack appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…

Read more →

A PayPal loan app error exposed sensitive customer data, including SSNs, for nearly six months in 2025. The post PayPal Flaw Exposed Sensitive Data in Lending App for Six Months appeared first on eSecurity Planet. This article has been indexed…

Read more →

Apache disclosed a Tomcat flaw (CVE-2026-24733) that can bypass access controls via legacy HTTP/0.9 requests under specific configurations. The post Apache Tomcat Vulnerability Circumvents Access Rules appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…

Read more →

An audit of 2,890+ OpenClaw skills found 41.7% contain serious security vulnerabilities, exposing systemic risk in AI agent ecosystems. The post Over 41% of Popular OpenClaw Skills Found to Contain Security Vulnerabilities appeared first on eSecurity Planet. This article has…

Read more →

Microsoft confirmed a Copilot Chat bug that summarized confidential emails despite active DLP controls, raising AI governance concerns in Microsoft 365. The post Microsoft 365 Copilot Bug Circumvented DLP Controls appeared first on eSecurity Planet. This article has been indexed…

Read more →

As agentic AI scales, strong governance is essential to prevent unintended autonomous actions. The post AI Governance Becomes Critical as Agentic AI Moves Into Production appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…

Read more →

Texas has sued TP-Link over alleged supply chain deception and router security flaws linked to Chinese threat actors. The post Texas Sues TP-Link Over Alleged Security Risks and Supply Chain Deception appeared first on eSecurity Planet. This article has been…

Read more →

MCP servers can be exploited for code execution, data exfiltration and zero-click supply chain attacks in AI-driven environments. The post MCP Servers Expose a Hidden AI Attack Surface in Enterprise Environments appeared first on eSecurity Planet. This article has been…

Read more →

A better-auth flaw lets attackers create API keys for arbitrary users, risking account takeover and MFA bypass. The post better-auth Flaw Allows Unauthenticated API Key Creation appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…

Read more →

Ivanti EPMM flaws are being exploited to enable unauthenticated remote code execution on exposed MDM systems. The post Ivanti EPMM Vulnerabilities Actively Exploited in the Wild appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…

Read more →

A Dell RecoverPoint zero-day has been exploited to deploy GRIMBOLT malware and pivot into VMware environments. The post Zero-Day in Dell RecoverPoint Enables GRIMBOLT Backdoor  appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…

Read more →

An XSS flaw in the VS Code Live Preview extension exposed developers’ local files and credentials through the localhost server. The post XSS Bug in VS Code Extension Exposed Local Files appeared first on eSecurity Planet. This article has been…

Read more →

A multi-stage Booking.com phishing campaign is hijacking hotel accounts to defraud guests through convincing payment scams. The post Booking.com Phishing Campaign Hijacks Hotel Accounts to Defraud Guests appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet…

Read more →

A Windows Admin Center vulnerability could allow authorized attackers to escalate privileges across enterprise environments. The post Windows Admin Center Flaw Opens Door to Privilege Escalation appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…

Read more →

Washington Hotel, located in Japan, confirmed a ransomware attack on internal servers and is investigating the extent of the incident. The post Japan’s Washington Hotel Reports Ransomware Attack appeared first on eSecurity Planet. This article has been indexed from eSecurity…

Read more →

OpenClaw versions prior to 2026.2.13 logged unsanitized WebSocket headers, creating a potential AI log poisoning risk. The post OpenClaw Flaw Enables AI Log Poisoning Risk appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…

Read more →

CVE-2026-25903 allows lower-privileged users to modify restricted components in affected Apache NiFi versions. The post CVE-2026-25903 Impacts Apache NiFi Users appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: CVE-2026-25903 Impacts Apache…

Read more →

Infostealers are now targeting OpenClaw AI configuration files, exposing tokens, cryptographic keys, and sensitive contextual data. The post Infostealers Target OpenClaw AI Configuration Files appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…

Read more →

Fake Winter Olympics 2026 stores are using lookalike domains and deep discounts to steal fans’ payment and personal data. The post Fake Winter Olympics 2026 Stores Target Fans With Data-Theft Scams appeared first on eSecurity Planet. This article has been…

Read more →

CVE-2026-1731 is being exploited to gain full Windows domain control in self-hosted BeyondTrust deployments. The post BeyondTrust RCE Exploited for Domain Control appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: BeyondTrust…

Read more →