Palo Alto GlobalProtect VPN Authentication Bypass CVE-2026-0257 Under Active Exploitation — Patch Now
Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, a critical authentication bypass in GlobalProtect portal and gateway components that lets unauthenticated attackers establish unauthorized VPN sessions. CISA...
FortiBleed: Over 73,000 Fortinet Firewalls Compromised in Industrial-Scale Cyber Espionage Campaign
An industrial-scale cyber espionage campaign dubbed "FortiBleed" has silently compromised over 73,932 unique Fortinet firewall URLs across 194 countries, targeting Fortune 500 companies, government entities, and a NATO...
Arkanix: A Sneaky New Malware Stealing from Homes and Small Offices
New malware is emerging with a distinct focus on stealing sensitive information from home users and small businesses: the Arkanix stealer. This advanced tool leverages common vulnerabilities to...
Anatomy of the Winos 4.0 campaign
The Winos 4.0 campaign, as dissected by Rapid7, exemplifies the evolving sophistication of contemporary malware operations targeting Chinese-speaking environments. This campaign leverages a multi-layered loader architecture, dubbed the...
Nominet UK provider confirms cybersecurity incident after hack exploit on Ivanti VPN
Nominet, the prominent U.K. domain registry responsible for managing .co.uk domains, has confirmed a significant cybersecurity incident linked to a recently disclosed vulnerability in Ivanti’s VPN software. In...
Criminal IP and IPLocation.io collaborate for enhanced IP solutions
Criminal IP, a leading cyber threat intelligence (CTI) search engine, has integrated its IP risk detection data with IPLocation.io, a renowned IP address geolocation tracker. This collaboration elevates...