SonicWall Gen6 MFA Bypass CVE-2024-12802 Left Open by Incomplete Patch
May 21, 2026
SonicWall’s patch for CVE-2024-12802 needed a manual LDAP reconfiguration most admins skipped, leaving Gen6 VPN open to MFA bypass and
Network Security
SonicWall Gen6 MFA Bypass CVE-2024-12802 Left Open by Incomplete Patch
SonicWall's patch for CVE-2024-12802 needed a manual LDAP reconfiguration most admins skipped, leaving Gen6 VPN open to MFA bypass and ransomware access.
SEPPMail Gateway Hit with 7 CVEs, Including CVSS 10.0 RCE Flaw
Seven vulnerabilities in SEPPMail Secure E-Mail Gateway, including a CVSS 10.0 pre-auth RCE, could let attackers intercept all protected mail traffic.
CISA Orders Patch for Sixth Cisco SD-WAN Zero-Day of 2026
Cisco confirmed active exploitation of CVE-2026-20182, a CVSS 10.0 authentication bypass in SD-WAN, as CISA gave federal agencies three days to patch.
Microsoft May 2026 Patch Tuesday: SharePoint RCE, NTLM Zero-Day
Microsoft's May 2026 Patch Tuesday fixes two actively exploited flaws including a zero-day NTLM hash leak requiring no user interaction to trigger.
FCC Extends Foreign Router Update Window to 2029 Amid Volt Typhoon
The FCC extended security update support for banned Chinese-made routers to 2029, citing Volt Typhoon threat concerns and risk of unpatched network devices.
University Student’s TETRA Replay Attack Halts Taiwan Bullet Train
A Taiwan university student used cheap radio equipment to replay TETRA signals, disabling the island's high-speed rail network for nearly an hour in 2026.
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
State-sponsored actors exploited CVE-2026-0300, a critical CVSS 9.3 RCE flaw in PAN-OS, for roughly one month before disclosure. CISA deadline is May 9.
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
Nation-state-linked PCPJack malware framework worms across cloud environments via five CVEs, using parquet file evasion to harvest credentials from cloud and financial systems.
Palo Alto CVE-2026-0300 Under Active Attack — Patch Due May 13
Palo Alto Networks disclosed CVE-2026-0300 on May 6, 2026 — a CVSS 9.3 unauthenticated buffer overflow in PAN-OS Captive Portal actively exploited in the wild. ...
SimpleHelp and ScreenConnect: The IT Tools That Became a Backdoor
VENOMOUS#HELPER spent 13 months inside 80+ organizations using legitimate RMM software — SimpleHelp and ScreenConnect — as undetected persistent access channels.
SEPPMail Gateway Hit with 7 CVEs, Including CVSS 10.0 RCE Flaw
May 20, 2026
Seven vulnerabilities in SEPPMail Secure E-Mail Gateway, including a CVSS 10.0 pre-auth RCE, could let attackers intercept all protected mail
CISA Orders Patch for Sixth Cisco SD-WAN Zero-Day of 2026
May 19, 2026
Cisco confirmed active exploitation of CVE-2026-20182, a CVSS 10.0 authentication bypass in SD-WAN, as CISA gave federal agencies three days
Microsoft May 2026 Patch Tuesday: SharePoint RCE, NTLM Zero-Day
May 13, 2026
Microsoft’s May 2026 Patch Tuesday fixes two actively exploited flaws including a zero-day NTLM hash leak requiring no user interaction
FCC Extends Foreign Router Update Window to 2029 Amid Volt Typhoon
May 12, 2026
The FCC extended security update support for banned Chinese-made routers to 2029, citing Volt Typhoon threat concerns and risk of
University Student’s TETRA Replay Attack Halts Taiwan Bullet Train
May 12, 2026
A Taiwan university student used cheap radio equipment to replay TETRA signals, disabling the island’s high-speed rail network for nearly
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
May 8, 2026
State-sponsored actors exploited CVE-2026-0300, a critical CVSS 9.3 RCE flaw in PAN-OS, for roughly one month before disclosure. CISA deadline
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
May 8, 2026
Nation-state-linked PCPJack malware framework worms across cloud environments via five CVEs, using parquet file evasion to harvest credentials from cloud
Palo Alto CVE-2026-0300 Under Active Attack — Patch Due May 13
May 6, 2026
Palo Alto Networks disclosed CVE-2026-0300 on May 6, 2026 — a CVSS 9.3 unauthenticated buffer overflow in PAN-OS Captive Portal
SimpleHelp and ScreenConnect: The IT Tools That Became a Backdoor
May 5, 2026
VENOMOUS#HELPER spent 13 months inside 80+ organizations using legitimate RMM software — SimpleHelp and ScreenConnect — as undetected persistent access
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.