Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls

Palo Alto Networks is working on patches for a critical PAN-OS zero-day that has been exploited to hack some of the company’s firewall models.

Tracked as CVE-2026-0300, the vulnerability has been described as a buffer overflow affecting the User-ID Authentication Portal (Captive Portal) service of PAN-OS software.

The zero-day affects PA and VM series firewalls, allowing an unauthenticated attacker to execute malicious code with root privileges via specially crafted packets.

“Limited exploitation has been observed targeting Palo Alto Networks User-ID Authentication Portals that are exposed to untrusted IP addresses and/or the public internet,” Palo Alto Networks said in an advisory.

No other information has been shared about the attacks exploiting CVE-2026-0300, but limited exploitation typically indicates that a flaw has been leveraged in highly targeted attacks by sophisticated threat actors, often state-sponsored groups.

The vendor is aiming to release the first round of patches on May 13, with a...

Copyright of this story solely belongs to securityweek.com.
