Palo Alto Networks has disclosed a critical buffer overflow vulnerability in PAN-OS that is already being exploited in the wild. The flaw, tracked as CVE-2026-0300, can allow unauthenticated attackers to run arbitrary code with full root privileges on affected PA-Series and VM-Series firewalls when the User-ID™ Authentication Portal (captive portal) is exposed to untrusted networks. Given the ease of exploitation
Latest Articles
Cybersecurity
Project Glasswing and Mythos Preview: What 10,000+ AI-Found Vulnerabilities Mean for Software Security
In the weeks since Anthropic unveiled Project Glasswing and the Mythos Preview model, a startling new reality has emerged: AI can now find critical flaws across the software stack at an unprecedented scale. Early collaborators and independent testers report thousands of high- and critical-severity findings across essential infrastructure and widely used open-source projects. That rapid discovery is a boon for defenders—if we can solve the bottleneck that remains: human triage, disclosure, and patching. What Project Glasswing has achieved Project Glasswing…
Continue readingCopy Fail (CVE-2026-31431): A 4‑Byte Kernel Bug That Lets Attackers Gain Root on Major Linux Distros
Microsoft Defender Security Research recently disclosed CVE-2026-31431—nicknamed “Copy Fail”—a high‑severity local privilege escalation in the Linux kernel’s crypto subsystem that enables an unprivileged user to escalate to root. The vulnerability affects kernels released since 2017 and has broad implications for cloud and container environments because the exploit can corrupt in-memory representations of readable files (including setuid binaries) without changing the
Amazon Faces Months of Repairs After Drone Strikes Cripple Middle East Data Centers
Amazon Web Services says recovery from drone strikes that hit its data centers in the United Arab Emirates and Bahrain will be measured in months, leaving customers in the region facing prolonged disruption and prompting a broader rethink of investments in Middle East infrastructure. The attacks, part of a wider bout of regional hostilities, knocked core compute racks offline, triggered
Ditching PsExec – Running Interactive SYSTEM Shells Natively in PowerShell
If you’ve spent any time in Windows System Administration over the last decade, I can almost guarantee you’ve reached for PsExec at least once. Originally from Sysinternals and now officially part of Microsoft, PsExec is one of those deceptively simple tools that has quietly saved thousands of IT professionals from hours of sheer agony. A single executable, zero installation, no
Cloudflare makes post‑quantum IPsec generally available
For years, the internet’s move to post‑quantum cryptography focused first on TLS, but site‑to‑site networking has lagged behind. Today Cloudflare is announcing general availability of post‑quantum encryption for Cloudflare IPsec, bringing hybrid ML‑KEM protection to WAN tunnels so organizations can defend against “harvest‑now, decrypt‑later” attacks without buying specialized hardware. This update moves another critical piece of enterprise networking closer to
How the Google Gemini CLI Flaw Turned CI/CD Pipelines into Remote Code Execution Risk
A critical remote code execution (RCE) vulnerability in the Google Gemini CLI and its associated GitHub Action exposed a startling weakness in how AI tooling can interact with developer infrastructure. Rated with the maximum CVSS score of 10.0, the bug allowed unprivileged external actors to execute commands on the machines running CI/CD workflows. This wasn’t a prompt-injection trick against a