eSecurity Planet

BYOVD Turns Trusted Drivers Against Windows Security

Attackers can manipulate process objects and hide malicious activity, rendering the endpoint defenseless despite the presence of security software. This allows for encryption, credential theft, and lateral movement without interference.

better-auth Flaw Allows Unauthenticated API Key Creation

A critical vulnerability in the better-auth library allows unauthenticated attackers to create API keys for arbitrary users, posing a significant risk of account takeover and MFA bypass.

BeyondTrust RCE Exploited for Domain Control

CVE-2026-1731, a critical unauthenticated OS command injection vulnerability, is being actively exploited in self-hosted BeyondTrust Remote Support and Privileged Remote Access deployments.

MongoDB Ransomware Is Still Actively Hitting Exposed Databases

MongoDB ransomware continues to be a significant threat, primarily targeting exposed databases due to misconfigurations. Attackers exploit these vulnerabilities by scanning for open MongoDB instances, deleting data, and demanding ransoms.

Cisco Snort 3 Security Flaws Threaten Network Inspection

Two critical flaws in Cisco Snort 3, identified as CVE-2026-20026 and CVE-2026-20027, pose significant risks to network inspection processes. These vulnerabilities allow unauthenticated attackers to disrupt inspection or leak sensitive data.

50,000 Servers Exposed as GoBruteforcer Scales Brute-Force Attacks

The GoBruteforcer botnet is aggressively targeting Linux servers worldwide, exploiting weak and reused credentials to gain access. Over 50,000 servers are at risk due to exposed infrastructure.

GenDigital Research Exposes AuraStealer Infostealer Tactics

AuraStealer is a sophisticated MaaS infostealer targeting Windows systems. It employs advanced evasion techniques and social engineering to steal sensitive data, posing significant risks to both individual users and enterprise environments.

Critical Firefox Bug Leaves 180M Users Exposed

A high-severity vulnerability was discovered in Mozilla Firefox's WebAssembly garbage-collection implementation. This flaw exposed over 180 million users worldwide to the risk of memory corruption and potential RCE.

WhatsApp Screen-Sharing Scam Drains $700K in Minutes

A widespread scam campaign is exploiting WhatsApp’s screen-sharing feature alongside malware-based propagation via WhatsApp Web to compromise accounts and execute large-scale financial fraud.

EchoGram: The Attack That Can Break AI Guardrails

The EchoGram attack exploits LLM guardrails designed to detect and block malicious prompts. By leveraging carefully selected “flip tokens,” it can silently override guardrail verdicts, enabling prompt injections and false positives.
