Internet Security

CIFSwitch, a Linux Root Bug Hidden in Plain Sight for 19 Years

June 1, 2026 add comment
CIFSwitch is a 19-year-old Linux logic bug turning forged CIFS auth keys into root. Affects Mint, CentOS, Rocky, Kali, SLES. CIFSwitch stands apart from typical privilege escalation vulnerabilities because... Read more »

U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog

June 1, 2026 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto... Read more »

The Pentagon Finally Admits That Location Data Is a Battlefield Problem

June 1, 2026 add comment
The Pentagon confirmed adversaries are using commercial location data to track U.S. troops, exposing risks tied to smartphones and ad-tech networks. For years, security researchers, privacy advocates, and intelligence... Read more »

CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers

May 31, 2026 add comment
CVE-2026-0257 lets attackers forge Palo Alto GlobalProtect auth cookies and bypass VPN login. Exploitation confirmed since May 17. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May 13. Two... Read more »

CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers

May 31, 2026 add comment
CVE-2026-0257 lets attackers forge Palo Alto GlobalProtect auth cookies and bypass VPN login. Exploitation confirmed since May 17. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May 13. Two... Read more »

Security Affairs newsletter Round 579 by Pierluigi Paganini – INTERNATIONAL EDITION

May 31, 2026 add comment
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99

May 31, 2026 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling... Read more »

ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers

May 30, 2026 add comment
Cybercrime group ShinyHunters leaked data allegedly stolen from Charter Communications, exposing millions of customer records after a failed extortion attempt. The ShinyHunters extortion group has published data allegedly stolen... Read more »

Signal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys

May 30, 2026 add comment
Attackers are texting Signal users posing as Support, asking for backup recovery keys. Once obtained, they can decrypt the entire message history, not just future chats. A phishing campaign... Read more »

Botnet of 17 Million Devices Dismantled in the Netherlands

May 30, 2026 add comment
Dutch authorities seized 200 servers running a 17-million-device botnet linked to proxy service Asocks. Dutch authorities have taken offline a massive botnet of at least 17 million devices and... Read more »
Subscribe to our Newsletter