MUST READ

Inside GentleKiller: The EDR-Killer Powering The Gentlemen

 | 

FortiBleed Exposes Global Credential-Spraying Operation

 | 

CISA Warns of Active Exploitation Following FortiBleed Leak

 | 

14,971 WordPress Sites Cleaned in Global SocGholish Takedown

 | 

U.S. CISA adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday

 | 

Peter Thiel 's Secret Society Leak Creates a Perfect Target List for Espionage, Influence Operations, and Blackmail

 | 

24 Billion Stolen Credentials Exposed in Massive Data Leak

 | 

Cisco fixed a critical ISE vulnerability that lets attackers to gain root access

 | 

F5 Patches Critical NGINX Vulnerabilities Enabling Unauthenticated Code Execution

 | 

Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development

 | 

FortiBleed Exposes Admin Passwords for 75,000 Fortinet Firewalls

 | 

DragonForce Hid Inside Microsoft Teams and Nobody Noticed for Two Months

 | 

U.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog

 | 

New Rokarolla Android Trojan Targets 217 Banking and Crypto Apps

 | 

EdTech Faces a Cybersecurity Crisis: Data Breaches Surge

 | 

FulcrumSec Targets Novo Nordisk, Leaks Clinical and Research Data

 | 

China-Linked FishMonger Ports SprySOCKS to Windows With Kernel-Level Stealth and UEFI Bootkit Hints

 | 

iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded

 | 

Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack

 | 

CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation

 | 

CVE-2026-0257

Pierluigi Paganini June 15, 2026
Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS Flaw

Palo Alto Networks warns that attackers are actively exploiting CVE-2026-0257, a PAN-OS flaw that lets unauthorized users bypass authentication and establish VPN connections. Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, a PAN-OS authentication bypass vulnerability affecting GlobalProtect portals and gateways. Palo Alto Networks addressed the vulnerability on May 13. Two weeks later, cybersecurity firm Rapid7 […]

Pierluigi Paganini June 01, 2026
U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2026-0257 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May […]

Pierluigi Paganini May 31, 2026
CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers

CVE-2026-0257 lets attackers forge Palo Alto GlobalProtect auth cookies and bypass VPN login. Exploitation confirmed since May 17. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May 13. Two weeks later, cybersecurity firm Rapid7 confirmed active exploitation across multiple customer environments. The flaw impacts the GlobalProtect portal and gateway components of Palo Alto Networks PAN-OS […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Inside GentleKiller: The EDR-Killer Powering The Gentlemen

Uncategorized / June 20, 2026

FortiBleed Exposes Global Credential-Spraying Operation

Hacking / June 20, 2026

CISA Warns of Active Exploitation Following FortiBleed Leak

Hacking / June 20, 2026

14,971 WordPress Sites Cleaned in Global SocGholish Takedown

Malware / June 19, 2026

U.S. CISA adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday

Security / June 19, 2026