Palo Alto Networks warns of critical PAN-OS vulnerability exploited in the wild
The vulnerability, which has a CVSS score of 9.3 when the User-ID Authentication Portal is exposed to untrusted networks, enables unauthenticated attackers t...
Transportation
20 articles
DHS mobile device security falls short of standards, inspector general report finds
The Department of Homeland Security's inspector general report found that over three-quarters of the 650 mobile apps installed on devices within the intellig...
Critical Buffer Overflow in Palo Alto Networks PAN-OS User-ID Authentication Portal (CVE-2026-0300)
Overview On May 6, 2026, Palo Alto Networks published a security advisory for CVE-2026-0300, a critical unauthenticated buffer overflow vulnerability affecti...
Intel 471 speeds threat hunting and remediation with Retroactive Threat Detections
Intel 471 has announced Retroactive Threat Detections (RTD), a new capability within its Verity471 platform. RTD helps security teams quickly understand the ...
Proton Mail brings quantum-safe email encryption to all accounts
Post-quantum protection is now available as an optional feature in Proton Mail across all plans, including the free tier. How post-quantum protection works O...
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in ...
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been exploited in the wild. The ...
Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls
CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls. The post Palo Alto Networks to Patch Zero-Day Exploited to...
CISA boasts AI automation improvements to threat analysis, mission support
Cybersecurity and Infrastructure Security Agency officials said it’s proven a boon in numerous areas, but there are some hurdles to adoption, still. The post...
Introducing AI traffic analysis dashboards for AWS WAF
As AI agents, bots, and programmatic access become an increasingly significant portion of web traffic, organizations need better tools to understand, analyze...
AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk
ISACA report warns that while AI has become the norm, many organizations are yet to formally apply safety or security policies around its use
Elastic Workflows GA: automation where your security data already lives
Elastic Workflows is generally available in 9.4, bringing production-ready security automation with deeper case management integration, human-in-the-loop sup...
Securing open proxies in your AWS environment
This article shows you how to identify and secure open proxies in your AWS environment to prevent abuse, protect your IP address reputation, and control cost...
Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition
Here's a tip for you all. Unless you want to draw attention to yourself as a cybercriminal, don't flaunt your diamond-encrusted "HACK THE PLANET" necklace on...
Trellix Confirms Source Code Breach With Unauthorized Repository Access
Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a "portion" of its source code. It said it "recentl...
Metasploit Wrap-Up 05/01/2026
MCP server This release our very own cdelafuente-r7 finished implementing the Metasploit MCP Server (msfmcpd), bringing Model Context Protocol support to Met...
Announcing the ISO 31000:2018 Risk Management on AWS Compliance Guide
AWS Security Assurance Services is announcing the release of our latest compliance guide, ISO 31000:2018 Risk Management on AWS, which provides practical gui...
Top Five Sales Challenges Costing MSPs Cybersecurity Revenue
The managed security services market is projected to grow from $38.31 billion in 2025 to $69.
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 20, 2026 to April 26, 2026)
Last week, there were 157 vulnerabilities disclosed in 122 WordPress Plugins and 27 WordPress Themes that have been added to the Wordfence Intelligence Vulne...
Copy Fail (CVE-2026-31431): Frequently asked questions about Linux kernel privilege escalation vulnerability
A flaw in the Linux kernel present since 2017 allows a local user to gain root access on virtually every major Linux distribution. A public exploit is availa...