Security news.
Today's security landscape is marked by critical vulnerabilities, active exploitation, and significant data breaches. A new Windows zero-day exploit granting SYSTEM privileges has been released, while NGINX and WordPress plugins are under active attack. Several major data breaches, including those affecting US healthcare providers and 7-Eleven, highlight ongoing threats to sensitive information.
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation
A new proof-of-concept (PoC) exploit, "MiniPlasma," allows attackers to gain SYSTEM privileges on fully patched Windows systems by targeting the "cldflt.sys" driver.
Exploitation of Critical NGINX Vulnerability Begins
Active exploitation has started for CVE-2026-42945, a critical heap buffer overflow in NGINX Plus and NGINX Open, which can lead to denial-of-service and potential remote code execution.
Millions Impacted Across Several US Healthcare Data Breaches
Multiple data breaches affecting hundreds of thousands to millions of individuals have been reported to the HHS tracker, impacting various US healthcare organizations.
7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand
7-Eleven has confirmed a data breach after the ShinyHunters hacking group claimed to have stolen over 600,000 Salesforce records, including personal and corporate data.
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
A critical vulnerability in the Funnel Builder WordPress plugin is being actively exploited to inject malicious JavaScript for stealing payment data from WooCommerce checkout pages.
‘Claw Chain’ OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery
Four vulnerabilities in OpenClaw can be chained to steal credentials, escape sandboxes, and plant persistent backdoors, posing a significant threat to affected systems.
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Multiple vendors, including Ivanti, Fortinet, and VMware, have released patches for critical vulnerabilities, with Ivanti Xtraction (CVE-2026-8043) topping the list for potential information disclosure or client-side attacks.
Grafana Confirms Breach After Hackers Claim They Stole Data
Grafana has confirmed a breach where an unauthorized party obtained a GitHub token, allowing access to and download of its codebase, though no customer data was reportedly affected.