Security news.
Today's security news highlights active exploitation of a Palo Alto Networks PAN-OS vulnerability and ongoing supply chain compromises. Several large data breaches have also been disclosed, alongside new threats leveraging AI for cyberattacks and phishing campaigns.
PAN-OS GlobalProtect Authentication Bypass Under Active Exploitation
Palo Alto Networks has warned that CVE-2026-0257, a medium-severity authentication bypass flaw in PAN-OS and Prisma Access, is being actively exploited to establish unauthorized VPN connections.
CISA Warns of Supply Chain Compromises Impacting Nx Console and GitHub
CISA is prioritizing response to multiple software supply chain intrusion campaigns, including a GitHub compromise via a malicious Nx Console Visual Studio Code extension and the "Megalodon" campaign.
Charter Communications Data Breach Affects 4.9 Million Accounts
The ShinyHunters extortion group stole personal information from nearly 5 million Charter Communications accounts in April.
ChatGPT Share Links Abused for Malware Delivery
Threat actors are exploiting ChatGPT's content-sharing feature to host fake OpenAI outage pages that trick users into downloading malware disguised as a ChatGPT desktop application.
Critical Gogs Zero-Day Exposes Servers to Remote Code Execution
A critical-severity argument injection flaw (CVSS 9.4) in the Gogs self-hosted Git service allows authenticated attackers to achieve remote code execution via malicious branch names in pull requests.
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after exploiting a Marimo network via CVE-2026-39987.
California AG Sues 23andMe Over 2023 Breach Exposing Health Data
California Attorney General Rob Bonta has filed a lawsuit against 23andMe (now Chrome Holding Co.) for failing to protect sensitive customer genetic and personal information in a 2023 breach.
Google Chrome Adds Session Cookie Theft Protection for All Users
Google's Chrome Device Bound Session Credentials (DBSC) security feature is now generally available, rolling out to all users to help prevent account takeovers by protecting against session cookie theft.