Security news.
Today's security brief highlights active exploitation of critical vulnerabilities, including a Palo Alto GlobalProtect VPN flaw and a Flowise RCE. We also see continued activity from state-sponsored threat actors and significant data breaches affecting millions of users, underscoring the persistent and evolving threat landscape.
Palo Alto GlobalProtect VPN Auth Bypass Flaw Now Exploited in Attacks
Palo Alto Networks is warning that hackers are actively exploiting a PAN-OS GlobalProtect authentication bypass flaw (CVE-2026-0257) to breach corporate networks.
Exploit Code Published for Critical Flowise RCE Vulnerability
Exploit code has been released for a critical one-click vulnerability in Flowise that allows attackers to execute arbitrary code on self-hosted servers by tricking users into importing a malicious chatflow.
New CIFSwitch Linux Flaw Gives Root on Multiple Distributions
A newly discovered local privilege escalation vulnerability, 'CIFSwitch', in the Linux kernel could allow attackers to gain root privileges by forging CIFS authentication key descriptions and abusing the kernel's key request mechanism.
Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite
Officials report that Russian agents are actively using fake companies, middlemen, and cyber spies to acquire Western technology, potentially for use in attacking critical infrastructure.
ChatGPT Share Links Abused to Host Fake Outage Pages to Deliver Malware
Threat actors are exploiting ChatGPT's content-sharing feature to display fake OpenAI outage pages that trick users into downloading malware disguised as the ChatGPT desktop application.
California AG Sues 23andMe Over 2023 Breach Exposing Health Data
California Attorney General Rob Bonta has filed a lawsuit against 23andMe (now Chrome Holding Co.) for failing to protect sensitive customer genetic and personal information during its 2023 data breach.
Charter Communications Data Breach Could Impact Nearly 5 Million
The ShinyHunters extortion group leaked over 42 million records, allegedly stolen from Charter Communications in April, potentially affecting nearly 5 million accounts.
Google Chrome Adds Session Cookie Theft Protection for All Users
Google has announced that its Chrome Device Bound Session Credentials (DBSC) security feature is now generally available and rolling out to all users to prevent account takeovers via session cookie theft.