Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
May 8, 2026
State-sponsored actors exploited CVE-2026-0300, a critical CVSS 9.3 RCE flaw in PAN-OS, for roughly one month before disclosure. CISA deadline
Network Security
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
State-sponsored actors exploited CVE-2026-0300, a critical CVSS 9.3 RCE flaw in PAN-OS, for roughly one month before disclosure. CISA deadline is May 9.
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
Nation-state-linked PCPJack malware framework worms across cloud environments via five CVEs, using parquet file evasion to harvest credentials from cloud and financial systems.
Palo Alto CVE-2026-0300 Under Active Attack — Patch Due May 13
Palo Alto Networks disclosed CVE-2026-0300 on May 6, 2026 — a CVSS 9.3 unauthenticated buffer overflow in PAN-OS Captive Portal actively exploited in the wild. ...
SimpleHelp and ScreenConnect: The IT Tools That Became a Backdoor
VENOMOUS#HELPER spent 13 months inside 80+ organizations using legitimate RMM software — SimpleHelp and ScreenConnect — as undetected persistent access channels.
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
U.S. cybersecurity agencies warn of Iran-linked APTs exploiting exposed Rockwell PLCs, urging swift disconnection.
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
Russia-linked APT28 is harnessing vulnerable routers in a massive espionage campaign.
North Korean Cyber Operatives Drain $285 Million from Drift Exchange
A North Korean orchestrated cyber attack stole $285 million from Drift, a Solana-based exchange, on April 1, 2026.
Cisco Releases Patches for Critical and High-Severity Vulnerabilities
Cisco fixes critical vulnerabilities threatening authentication, code execution, and more.
TP-Link Routers Receive Patches for High-Severity Security Flaws
TP-Link patches high-severity router flaws that could enable authentication bypass, arbitrary command execution, and configuration file decryption.
FCC Adds Consumer Routers to Covered List Amid Security Concerns
The FCC bans the sale of foreign-made consumer routers in the United States, citing security concerns.
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
May 8, 2026
Nation-state-linked PCPJack malware framework worms across cloud environments via five CVEs, using parquet file evasion to harvest credentials from cloud
Palo Alto CVE-2026-0300 Under Active Attack — Patch Due May 13
May 6, 2026
Palo Alto Networks disclosed CVE-2026-0300 on May 6, 2026 — a CVSS 9.3 unauthenticated buffer overflow in PAN-OS Captive Portal
SimpleHelp and ScreenConnect: The IT Tools That Became a Backdoor
May 5, 2026
VENOMOUS#HELPER spent 13 months inside 80+ organizations using legitimate RMM software — SimpleHelp and ScreenConnect — as undetected persistent access
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
April 13, 2026
U.S. cybersecurity agencies warn of Iran-linked APTs exploiting exposed Rockwell PLCs, urging swift disconnection.
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
April 8, 2026
Russia-linked APT28 is harnessing vulnerable routers in a massive espionage campaign.
North Korean Cyber Operatives Drain $285 Million from Drift Exchange
April 7, 2026
A North Korean orchestrated cyber attack stole $285 million from Drift, a Solana-based exchange, on April 1, 2026.
Cisco Releases Patches for Critical and High-Severity Vulnerabilities
April 3, 2026
Cisco fixes critical vulnerabilities threatening authentication, code execution, and more.
TP-Link Routers Receive Patches for High-Severity Security Flaws
April 1, 2026
TP-Link patches high-severity router flaws that could enable authentication bypass, arbitrary command execution, and configuration file decryption.
FCC Adds Consumer Routers to Covered List Amid Security Concerns
March 25, 2026
The FCC bans the sale of foreign-made consumer routers in the United States, citing security concerns.
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.