Security news.
Today's security brief highlights active exploitation of a Palo Alto GlobalProtect VPN vulnerability, a massive botnet takedown by Dutch authorities, and critical RCE flaws in Flowise and Gogs. Additionally, CISA has added the Palo Alto vulnerability to its Known Exploited Vulnerabilities Catalog, urging immediate patching.
Palo Alto GlobalProtect VPN Auth Bypass (CVE-2026-0257) Actively Exploited
Palo Alto Networks warns that hackers are actively exploiting CVE-2026-0257, an authentication bypass flaw in PAN-OS GlobalProtect, to breach corporate networks.
CISA Adds PAN-OS GlobalProtect Flaw to KEV Catalog
CISA has added the Palo Alto Networks PAN-OS GlobalProtect authentication bypass vulnerability (CVE-2026-0257) to its Known Exploited Vulnerabilities Catalog, emphasizing the critical need for immediate patching.
Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
Dutch authorities have successfully taken down a botnet comprising at least 17 million infected devices, including computers, smartphones, and IoT devices, which were used for malicious attacks.
Exploit Code Published for Critical Flowise RCE Vulnerability
A one-click remote code execution vulnerability in self-hosted Flowise servers allows attackers to execute arbitrary code by tricking users into importing a malicious chatflow.
Gogs Zero-Day Exposes Servers to Remote Code Execution
A critical-severity argument injection flaw (CVSS 9.4) in Gogs allows authenticated attackers to achieve remote code execution via pull requests with malicious branch names.
New CIFSwitch Linux Flaw Gives Root on Multiple Distributions
A newly discovered local privilege escalation vulnerability, 'CIFSwitch', in the Linux kernel allows attackers to forge CIFS authentication key descriptions and gain root privileges.
ChatGPT Share Links Abused to Deliver Malware
Threat actors are exploiting ChatGPT's content-sharing feature to host fake OpenAI outage pages that trick users into downloading malware disguised as the ChatGPT desktop application.
Google Chrome Adds Session Cookie Theft Protection for All Users
Google Chrome's Device Bound Session Credentials (DBSC) security feature is now generally available, rolling out to all users to prevent account takeovers by protecting against session cookie theft.