Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks.
Google expands Android Binary Transparency after May 1, 2026 to verify app authenticity, reducing supply chain attack risks.
CloudZ RAT exploits Phone Link since Jan 2026, stealing credentials and OTPs via Pheno plugin, bypassing 2FA protections.
While trojanized Daemon Tools versions were installed worldwide, a sophisticated backdoor was dropped only on a dozen systems.
Containing fixes for critical-severity vulnerabilities, the monthly rollouts will focus on addressing priority issues faster.
CVE-2026-0300 exploited via public PAN-OS portal before May 13, 2026 patch, enabling root RCE on firewalls.
As the war with Iran continues, breach attempts targeting the United Arab Emirates tripled in a few weeks — many targeting critical infrastructure.
CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls.
No description available.
A previously undocumented Linux implant named Quasar Linux (QLNX) is targeting developers' systems with a mix of rootkit, backdoor, and credential-stealing capabilities.
The hacker behind a breach at education technology giant Instructure claims to have stolen 280 million data records for students and staff from 8,809 colleges, school districts, and online education platforms.
Info is scant, but such breaches can reveal where a security product's controls are located and how detections are designed, giving attackers a leg up.
