Ransomware, Zero-Days, and Data Breaches Shape This Week’s Cybersecurity Landscape

eSecurity Planet content and product recommendations are
editorially independent. We may make money when you click on links
to our partners.
Learn More

This week, a Dell vulnerability is being actively exploited, an Apache flaw allows bypass of RBAC, and over 41% of OpenClaw skills are vulnerable.

Major Threats & Vulnerabilities

Zero-Day Vulnerabilities

A zero-day vulnerability in Dell RecoverPoint is being actively exploited to deploy web shells and backdoors in VMware environments. This highlights the urgent need for patching and monitoring systems for unusual activities.

Critical CVEs and Exploits

Two critical Ivanti EPMM vulnerabilities are under active exploitation, allowing unauthenticated remote code execution on enterprise mobile management servers. Organizations using Ivanti EPMM should apply patches immediately.

A vulnerability in the Apache NiFi system allows lower-privileged users to modify restricted components, bypassing RBAC controls. Users are advised to update their systems to mitigate this risk.

Emerging Threats

The BeyondTrust vulnerability is being exploited for domain takeovers, with CVE-2026-1731 allowing remote code execution. Immediate action is required to prevent unauthorized access.

An audit revealed that 41% of OpenClaw skills are vulnerable, posing significant supply chain risks. Organizations should review and secure their AI deployments.

Industry News

Major Data Breaches

Substack experienced a significant breach, with nearly 700,000 user records leaked online, including email addresses and phone numbers.

In another breach, 967,000 records were leaked in a Figure breach, exposing sensitive financial data.

Legal and Regulatory Developments

The state of Texas has filed a lawsuit against TP-Link over alleged security risks and supply chain deception. More details can be found in the official report.

Security Tips & Best Practices

Embedding Security in Development

Ensure security is embedded throughout the SDLC by utilizing threat modeling, code reviews, and automated testing.

Data Loss Prevention

Implement comprehensive DLP strategies by using data classification and behavior analytics.

Ransomware Resilience

Build resilience against ransomware by maintaining proper backups.

Explore top UEBA solutions to enhance your cybersecurity posture. Stay informed and prepared by leveraging the right technologies and strategies to protect your organization from evolving threats.

If you want to see more from our Newsletter Archive please click here.