A critical authentication bypass vulnerability (CVE-2026-0257) in Palo Alto Networks’ PAN-OS GlobalProtect gateway is being actively exploited in the wild. The flaw allows unauthenticated attackers to bypass authentication mechanisms and gain unauthorized access to protected networks. With a CVSS sc
Palo Alto Networks’ GlobalProtect VPN is being actively exploited through CVE-2026-0257, a critical authentication bypass vulnerability with a CVSS score of 9.3. Rapid7 has confirmed in-the-wild exploitation targeting vulnerable PAN-OS firewalls. Attackers can gain unauthorized network access withou
MFA prompt bombing, also known as MFA fatigue attacks, exploits human psychology rather than technical vulnerabilities. Attackers who have already stolen credentials flood victims with dozens or hundreds of push notification authentication requests until users accidentally approve one or simply acce
A critical zero-day vulnerability in KnowledgeDeliver Learning Management System (LMS) is being actively exploited in the wild to deploy BLUEBEAM web shells. Attackers are leveraging an unrestricted file upload flaw to gain persistent access to compromised systems, affecting educational institutions
North Korean APT group Lazarus has deployed a sophisticated memory-only remote access trojan (RAT) dubbed RemotePE in targeted attacks against financial institutions and cryptocurrency firms. The malware operates entirely in memory without touching disk, evading traditional file-based detection syst
Threat actors conducted an aggressive reconnaissance campaign against SonicWall firewall interfaces, generating over 597,000 scanning sessions within a nine-day period. This massive scanning operation targeted publicly exposed SonicWall management interfaces, likely seeking vulnerable devices for ex
Threat actors are exploiting F5 BIG-IP appliances as entry points to compromise enterprise Linux networks. Attackers gain initial access through vulnerable BIG-IP devices, establish SSH backdoors, and pivot laterally into connected Linux infrastructure. Organizations using F5 BIG-IP in their network
npm has reset all bypass-2FA automation tokens following a sophisticated supply chain attack dubbed “Mini Shai-Hulud.” The attack targeted npm’s publishing infrastructure, exploiting automation tokens that could bypass two-factor authentication requirements. All affected users must regenerate their
Google inadvertently published technical details of an unpatched security vulnerability in Chromium before a fix was available, potentially exposing millions of Chrome, Edge, and other Chromium-based browser users to exploitation. The premature disclosure has sparked concerns about coordinated vulne
Security researchers discovered a devastating 0-click exploit chain targeting Google Pixel 10 devices that requires just five lines of code to bypass kernel security. The vulnerability leverages a race condition in the device’s window management subsystem, allowing attackers to gain kernel-level exe