PAN-OS Auth Bypass CVE-2026-0257 Exploited in the Wild
CVE-2026-0257 PAN-OS GlobalProtect auth bypass now exploited. Plus FBI dismantles $1.9B PhaaS operation and France's Tchap platform breached.
Posts tagged: Pan-Os
Microsoft's Record 206-Flaw Patch Tuesday — 4 Zero-Days
Microsoft patches 206 flaws including 3 zero-days, then a 4th drops hours later. PAN-OS CVE-2026-0257 exploited. ServiceNow 59-day exposure window.
PAN-OS Auth Bypass CVE-2026-0257 Exploited in the Wild
CVE-2026-0257 PAN-OS auth bypass exploited 4 days post-disclosure. Microsoft MFA outage blocks enrollments. 19-year Linux kernel root flaw goes public.
PAN-OS IKEv2 and DNS Proxy RCEs — CVE-2026-0263
CVE-2026-0263 and CVE-2026-0264 deliver RCE in PAN-OS VPN and DNS processing. FortiClient EMS CVE-2026-35616 exploited in the wild.
PAN-OS DNS RCE CVE-2026-0264 — Cisco CVSS 10
CVE-2026-0264 PAN-OS DNS heap overflow RCE patched, Cisco Secure Workload CVSS 10 API auth bypass, GitHub confirms 3,800-repo VS Code extension breach.
GitHub Breached via Malicious VS Code Extension
GitHub confirms 3,800 internal repos breached via trojanized VS Code extension, Verizon DBIR 2026 marks exploits top vector, CVE-2026-0264 PAN-OS DNS RCE.
PAN-OS Critical RCE CVE-2026-0300 Patched
CVE-2026-0300 PAN-OS User-ID CVSS 9.8 RCE patched, CVE-2026-42945 NGINX 18-year heap overflow surfaces, G7 publishes first AI SBOM guidance for vendors.
PAN-OS CVE-2026-0300 Exploited by Chinese APT
CVE-2026-0300 PAN-OS zero-day RCE exploited by suspected Chinese state actors, Polish water plant ICS breaches, Linux Dirty Frag root exploit goes public.
PAN-OS CVE-2026-0300 Exploited Since April 9
CVE-2026-0300 PAN-OS User-ID RCE zero-day exploited since April 9, CISA launches CI Fortify, MuddyWater uses Chaos ransomware as espionage cover.
PAN-OS Zero-Day CVE-2026-0300 Under Active Attack
CVE-2026-0300 PAN-OS User-ID zero-day exploited in the wild, DAEMON Tools supply-chain backdoor, Canvas LMS 280M record breach, CloudZ RAT steals OTPs.