TT-CSIRT – 458.15.06.26- Critical Authentication bypass vulnerabilities in Palo Alto Networks PAN-OS (CVE-2026-0257)

  • Home
  • Archive for category "Security Advisories"
TT-CSIRT – 458.15.06.26- Critical Authentication bypass vulnerabilities in Palo Alto Networks PAN-OS (CVE-2026-0257)
By

Please be advised that a critical vulnerability, designated as CVE-2026-0257, has been identified in Palo Alto Networks PAN-OS, specifically affecting the portal and gateway components of the PAN-OS software. Successful exploitation of CVE-2026-0257 may allow threat actors to bypass security controls and establish unauthorized VPN connections. Please note: Palo Alto Networks has confirmed that this […]

Read More
TT-CSIRT – 457.10.06.26- Critical Check Point VPN Zero-Day
By

Please be advised that a critical vulnerability, CVE-2026-50751 has been identified in Check Point Remote Access VPN and Mobile Access solutions. The flaw allows an attacker to bypass user authentication by exploiting a logic weakness in certificate validation during IKEv1 VPN negotiation. This can allow unauthorized users to establish a remote VPN session without valid […]

Read More
TT-CSIRT – 456.08.05.26 – CYBERSECURITY ADVISORY: Critical Palo Alto Networks PAN-OS Vulnerability (CVE-2026-0300)
By

CVE-2026-0300 is a critical buffer overflow vulnerability affecting the User-ID™ Authentication Portal (also known as the Captive Portal) service in PAN-OS. Successful exploitation may allow an unauthenticated remote attacker to execute arbitrary code with root privileges on affected PA-Series and VM-Series firewalls through specially crafted packets. Palo Alto Networks has confirmed that this vulnerability is […]

Read More
TT-CSIRT-454.17.04.26: Microsoft SharePoint Server Zero-Day Spoofing Vulnerability (CVE-2026-32201)
By

Severity: Medium (Elevated due to active exploitation) Overview:A zero-day vulnerability in Microsoft SharePoint Server allows attackers to perform spoofing attacks due to improper input validation. The vulnerability is actively being exploited and can allow unauthorized access to SharePoint environments. Affected Systems:Microsoft SharePoint ServerSharePoint Server 2016SharePoint Server 2019SharePoint Subscription Edition Description:A spoofing vulnerability, tracked as CVE-2026-32201, exists in Microsoft […]

Read More
TT-CSIRT – 453.24.09.25 – Shai-Hulud Self-Replicating Worm Supply Chain Compromise
By

Please be advised, CISA has issued a critical alert regarding a widespread supply chain attack involving npmjs.com, the largest JavaScript package registry. A self-replicating worm named “Shai-Hulud” has compromised over 500 npm packages. After initial access, the attacker deployed malware scans for sensitive credentials such as GitHub Personal Access Tokens (PATs) and cloud service API […]

Read More
TT-CSIRT – 452.23.09.25 – Security Alert: New Inboxfuscation Tool That Bypasses Microsoft Exchange Inbox Rules and Evades Detection
By

Please be aware, newly discovered is a sophisticated new attack framework called Inboxfuscation, developed by Permiso Security to demonstrate critical vulnerabilities in Microsoft Exchange inbox rule detection systems. This Unicode-based obfuscation technique enables the creation of malicious inbox rules that can completely evade traditional security monitoring and detection mechanisms, representing a significant advancement in email-based […]

Read More
TT-CSIRT – 451.13.09.25 – Malware Alert: Azure Function Abuse
By

Please be advised there has been a discovery of a highly evasive attack using a malicious ISO image named Servicenow-BNM-Verify.iso, containing four files, with two openly visible and two hidden. The visible files include a Windows shortcut, servicenow-bnm-verify.lnk, which launches PanGpHip.exe; a legitimate Palo Alto Networks binary. Hidden are libeay32.dll, a genuine OpenSSL library, and […]

Read More
TT-CSIRT – 450.29.08.25 – FreePBX Vulnerability
By

Please be advised, A critical vulnerability has been discovered in the FreePBX Endpoint module, affecting versions 15, 16, and 17. The vulnerability arises from improper sanitization of user-supplied data, which can be exploited by unauthenticated attackers to gain unauthorized access to the FreePBX Administrator Control Panel. Successful exploitation can result in arbitrary database manipulation and remote […]

Read More
TT-CSIRT – 449.22.08.25 – Microsoft 365 ADFS Exploit
By

Please be advised, a sophisticated phishing campaign have been uncovered, that exploits Microsoft’s Active Directory Federation Services (ADFS) to create legitimate-looking login URLs that redirect users to malicious credential-harvesting sites, effectively turning Microsoft’s own infrastructure into an unwitting accomplice in credential theft operations. Exploit Malicious Google ads clicked on by users who are then redirected […]

Read More
TT-CSIRT – 448.16.08.25 – Windows Out-of-Box-Experience (OOBE) Exploit
By

Be advised, a new security vulnerability has been identified to exploit Windows Out-of-Box-Experience (OOBE) that bypasses existing protections, granting administrative command line access to Windows machines. The vulnerability allows low-privileged domain users to effectively gain local administrative access. This technique works even when Microsoft’s recommended security measure, the DisableCMDRequest.tag file, is implemented to block the well-known […]

Read More

Quick Navigation

Partner Agencies

Subscribe to Stay Updated!

Subscribe

Follow on social media:

Facebook-f X-twitter Linkedin-in Instagram