Security news.
Today's security news highlights significant data breaches and the evolving threat landscape involving AI. Multiple reports detail large-scale data exposures, while threat actors are increasingly leveraging AI tools and platforms for sophisticated phishing and post-exploitation activities.
CISA Adds Palo Alto Networks PAN-OS Auth Bypass to KEV Catalog
CISA has added CVE-2026-0257, a Palo Alto Networks PAN-OS Authentication Bypass Vulnerability, to its Known Exploited Vulnerabilities Catalog, indicating active exploitation.
ChatGPT Share Links Abused for Malware Delivery
Threat actors are exploiting ChatGPT's content-sharing feature to host fake OpenAI outage pages that trick users into downloading malware disguised as a desktop application.
ChatGPhish Vulnerability Turns ChatGPT Summaries Into Phishing Surface
A vulnerability dubbed "ChatGPhish" allows prompt injections and phishing attacks by leveraging ChatGPT's trust in Markdown links and images within web summaries.
Charter Communications Data Breach Impacts Nearly 5 Million
The ShinyHunters extortion group leaked over 42 million records, allegedly stolen from Charter Communications in April, affecting approximately 4.9 million accounts.
California AG Sues 23andMe Over 2023 Data Breach
California Attorney General Rob Bonta has filed a lawsuit against 23andMe (now Chrome Holding Co.) for failing to protect sensitive customer genetic and personal information during its 2023 breach.
Gogs Zero-Day Exposes Servers to Remote Code Execution
A critical-severity argument injection flaw in Gogs, a self-hosted Git service, allows authenticated attackers to achieve remote code execution via malicious branch names in pull requests.
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after exploiting a Marimo network via CVE-2026-39987.
Google Chrome Adds Session Cookie Theft Protection
Google has made its Chrome Device Bound Session Credentials (DBSC) security feature generally available, rolling it out to all users to help prevent account takeovers via session cookie theft.