Trending Topics
TRENDING TOPICS MAY 06, 2026

Critical PAN-OS Zero-Day CVE-2026-0300 Exposes Palo Alto Firewalls to Root-Level Takeover

Palo Alto Networks is warning customers about CVE-2026-0300, a critical PAN-OS zero-day already being exploited in the wild that allows unauthenticated attackers to execute arbitrary code with root privileges on affected firewalls. The vulnerability is a buffer overflow in the User-ID Authentication Portal, also known as Captive Portal, and affects PA-Series and VM-Series firewalls when that portal is enabled and reachable from untrusted networks or the public internet. Palo Alto assigns the flaw a CVSS 4.0 score of 9.3 when the portal is internet-exposed and 8.7 when access is limited to trusted internal networks, reflecting just how dangerous this issue becomes once the service is externally reachable. The operational risk is significant because a successful exploit turns the firewall itself into the attacker’s beachhead. Once compromised, a PAN-OS device can intercept and manipulate traffic, disable or weaken security controls, steal credentials, and pivot directly into protected internal segments behind the firewall. Palo Alto says exploitation is currently limited and focused on exposed User-ID portals, but the path requires no credentials, no user interaction, and is fully automatable, which sharply increases the odds of wider opportunistic exploitation now that the advisory is public. Threat intelligence sources note that Shadowserver is already tracking more than 5,800 exposed PAN-OS VM-Series firewalls online, with particularly heavy concentrations in Asia and North America, leaving a sizable attack surface available to both espionage actors and financially motivated groups. Patches are being released in waves rather than all at once, so immediate mitigation matters just as much as upgrading. Palo Alto’s guidance is clear: restrict the User-ID Authentication Portal to trusted internal zones only, or disable it entirely if your environment does not require it. 
The company is also deploying a Threat Prevention signature for PAN-OS 11.1 and later to block known exploit attempts as a temporary safeguard while customers wait for the relevant fixed builds in their release tracks. Security teams should urgently audit whether Captive Portal is enabled anywhere in their estate, identify any internet-facing instances, and treat those systems as emergency remediation priorities until patched, because in this case, the firewall is not just the target; it can become the launch point for a much broader compromise.

MuddyWater Turns Microsoft Teams into a Front Door for Espionage and Extortion

Iran-linked threat group MuddyWater is expanding its social engineering playbook by using Microsoft Teams as a direct channel to breach organizations, blending state-style espionage tradecraft with ransomware-like pressure tactics. Recent reporting shows the group posing as IT or help desk staff in Teams chats, using that trusted collaboration channel to convince employees to join screen-sharing sessions, follow fake support instructions, or reveal credentials under the guise of solving a technical issue. This marks an important shift: the attackers are not just sending phishing emails anymore; they are meeting users in the same enterprise tool that many organizations trust for daily support, meetings, and internal communication. The underlying objective appears broader than a single malware drop. In incidents linked to MuddyWater, attackers used Teams interactions to harvest passwords, alter MFA settings, gain remote access through tools such as AnyDesk and DWAgent, and then deploy custom malware loaders and backdoors for persistence and command execution. Rapid7 and other researchers say the group has even tried to disguise these operations as Chaos ransomware incidents, layering extortion emails and leak-site theatrics over activity that more closely matches MuddyWater’s long-established espionage behavior. That mix of credential theft, persistence, remote access, data exfiltration, and psychological pressure reflects MuddyWater’s broader evolution in 2025 and 2026, where it has combined legitimate tools, custom malware, and living-off-the-land techniques to create intrusions that are both stealthy and disruptive. For defenders, the key lesson is that collaboration platforms like Microsoft Teams must now be treated as first-class attack surfaces. 
Security teams should tighten policies for external Teams access, require staff to verify help desk contacts through out-of-band channels, and restrict remote assistance workflows so users cannot be easily talked into screen sharing or typing credentials into local files or phishing pages. It is also important to monitor for unusual Teams-based contact patterns, rapid MFA changes, unexpected installations of remote support tools, and follow-on activity such as suspicious PowerShell execution or outbound communications from newly dropped binaries. In practical terms, MuddyWater’s latest campaign shows that when attackers can blend social engineering into normal collaboration traffic, the line between “message from IT” and initial access vector becomes dangerously thin.
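As an added illustration, not part of the original post or of Rapid7's reporting, the Python sketch below correlates the follow-on indicators listed above per user: an external Teams contact followed, within a time window, by an MFA method change, a remote support tool launch, or encoded PowerShell. The event tuple layout, the field names, the window length and the sample events are constructed assumptions rather than a real SIEM schema; map your own telemetry onto them.

```python
"""Correlate help-desk impersonation indicators per user inside a time window.

Added example, not code from the article or from any vendor. The event tuple
layout and the sample events are constructed; map your own SIEM fields onto them.
"""
from datetime import datetime, timedelta

REMOTE_TOOLS = {"anydesk.exe", "dwagent.exe"}   # remote access tools named in the article
WINDOW = timedelta(hours=2)                      # assumed: how long after first contact we correlate

# Constructed sample events: (ISO timestamp, user, event_type, detail)
SAMPLE_EVENTS = [
    ("2026-05-06T09:02:00", "alice", "teams_external_chat", "tenant=unknown-helpdesk.example"),
    ("2026-05-06T09:15:00", "alice", "mfa_method_added", "method=authenticator"),
    ("2026-05-06T09:31:00", "alice", "process_start", "image=anydesk.exe"),
    ("2026-05-06T09:40:00", "alice", "process_start", "image=powershell.exe -enc <placeholder>"),
    ("2026-05-06T10:00:00", "bob", "teams_external_chat", "tenant=partner.example"),
    ("2026-05-06T14:30:00", "bob", "mfa_method_added", "method=phone"),
]


def _image(detail):
    """Extract the executable name from an 'image=<exe> <args>' detail string."""
    if "image=" not in detail:
        return ""
    return detail.split("image=", 1)[1].split()[0].lower()


def stage_of(event_type, detail):
    """Map a raw event to a named follow-on stage, or None if it is not one we track."""
    if event_type == "mfa_method_added":
        return "mfa_change"
    if event_type == "process_start":
        image = _image(detail)
        if image in REMOTE_TOOLS:
            return "remote_tool"
        if image == "powershell.exe" and "-enc" in detail.lower():
            return "encoded_powershell"
    return None


def correlate(events, window=WINDOW):
    """Return {user: [stages]} for users whose external Teams contact was followed,
    within `window`, by one or more follow-on stages. Contact-only users are omitted."""
    contacts, findings = {}, {}
    for ts_str, user, event_type, detail in sorted(events, key=lambda e: e[0]):
        ts = datetime.fromisoformat(ts_str)
        if event_type == "teams_external_chat":
            contacts[user] = ts          # remember the most recent external contact
            continue
        stage = stage_of(event_type, detail)
        if stage is None or user not in contacts or ts - contacts[user] > window:
            continue
        findings.setdefault(user, ["external_contact"]).append(stage)
    return findings


def severity(stages):
    """Rough triage: contact, an MFA change and at least one more follow-on is high."""
    followups = [s for s in stages if s != "external_contact"]
    if "mfa_change" in followups and len(followups) >= 2:
        return "high"
    return "medium" if followups else "none"


if __name__ == "__main__":
    for user, stages in correlate(SAMPLE_EVENTS).items():
        print(f"{user}: {severity(stages)} -> {' -> '.join(stages)}")
```

Run against the constructed events, only alice is flagged: bob's MFA change happens four and a half hours after his external contact, outside the two-hour window, so it is not chained. Widening the window is the knob to tune against your own false-positive rate.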

Major EdTech Breach Puts Student Privacy at Risk Across Thousands of Schools

A newly disclosed breach at education technology giant Instructure, the company behind Canvas, has exposed sensitive student information and once again highlighted how a single edtech vendor can become a single point of failure for schools worldwide. Instructure has confirmed that a threat actor accessed user data and private messages on its platform, while the ShinyHunters group claims the attack may affect nearly 9,000 schools and hundreds of millions of records, though the company has not verified those figures. Even without accepting the attackers’ full claims, the confirmed exposure of student names, email addresses, and messages between students and educators makes this a serious privacy incident with potentially long-term consequences for minors and educational institutions. What makes this breach particularly troubling is the broader pattern it fits. Schools and universities increasingly rely on large SaaS platforms like Canvas to centralize coursework, communication, grades, and identity data, which means a single compromise can cascade instantly across thousands of districts and campuses. This incident follows a string of major education-sector breaches, including the PowerSchool compromise that exposed roughly 62 million students and 9.5 million educators, reinforcing that attackers now view student data as a high-value asset and edtech platforms as efficient, scalable targets. Education records often contain far more than names and emails. Over time, they can be linked to student IDs, family relationships, health details, counseling conversations, and communication history, turning these platforms into deeply attractive repositories for extortion, identity theft, and long-tail fraud. For school systems, colleges, and education vendors, this is a warning that third-party risk management cannot be treated as a procurement checkbox. 
Institutions should immediately determine whether they use Canvas in affected workflows, identify which data categories may have been exposed, and prepare communications and identity protection guidance for students, staff, and families. More broadly, the sector needs tighter controls around privileged access, stronger segmentation of messaging and identity data, shorter retention periods for nonessential records, and contractual pressure on vendors to prove MFA coverage, logging maturity, incident response readiness, and rapid notification standards. The lesson from Instructure, like PowerSchool before it, is that when education data is concentrated in a handful of platforms, one breach can instantly become a national or even global student privacy event.

Calendar Invites Are Becoming a Trusted Backdoor for Phishing Attacks

Attackers are increasingly turning calendar invitations into phishing lures because they inherit the trust and urgency that come with scheduling tools people use every day. Recent reporting and threat intelligence show that malicious calendar events and .ics attachments can slip past traditional email defenses, land directly on a victim’s calendar, and pressure users into clicking links or opening fake meeting pages before they stop to verify the sender. In many cases, even if the original email is quarantined, the event itself may still appear in the user’s calendar depending on platform settings, giving attackers a second chance to reach the target through a workflow that feels routine rather than suspicious. What makes this tactic effective is that it blends social engineering with platform trust. Threat actors have abused Microsoft and Google calendar invites, randomized sender addresses, urgent wording like “deadline,” voicemail-themed event titles, and links disguised as support, login, or meeting actions to steer users toward credential theft pages and other malicious destinations. Earlier large-scale campaigns spoofed Google Calendar to reach roughly 300 organizations with over 4,000 invites, while more recent defensive reporting shows a marked surge in “ICS phishing,” where calendar files are specifically used to evade secure email gateways and create persistent visual reminders within the calendar itself. Researchers have also shown that calendar systems can be abused beyond phishing alone, including privacy bypasses and even malware command-and-control scenarios, reinforcing the idea that calendar infrastructure is no longer just a productivity tool; it is an emerging attack surface. For defenders, the practical response is to treat calendar events with the same scrutiny as email attachments and links. 
Organizations should review automatic calendar processing settings, disable or limit auto-adding of events from unknown senders, and ensure users are trained not to trust an invitation simply because it appears on their calendar. Security teams should also update detection logic to inspect .ics files and embedded calendar URLs, monitor for spikes in external invite traffic, and build user awareness around common lures such as urgent deadlines, fake voicemail notices, and unexpected support or authentication prompts. The broader lesson is simple: when attackers can weaponize the tools people rely on to organize their day, even a calendar notification can become the first step in a successful breach.
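To make the detection advice above concrete, here is an added example (not code from the original post or from any of the cited researchers) that parses a calendar invite and flags the lures described: an organizer outside your own mail domains, urgency wording in the title, and links that point anywhere except an allowlist of meeting hosts. The sample .ics, the internal domain, the trusted-host list and the keyword list are constructed assumptions; the folding and escaping rules it handles are from RFC 5545.

```python
"""Parse an .ics invite and flag external organizers, urgency lures and untrusted links.

Added example, not from the original article. The sample invite, the internal
domain and the trusted-host allowlist are constructed assumptions.
"""
import json
import re
from urllib.parse import urlparse

INTERNAL_DOMAINS = {"corp.example"}                              # assumed: your mail domains
TRUSTED_LINK_HOSTS = {"teams.microsoft.com", "meet.google.com"}  # assumed allowlist
URGENCY_WORDS = ("urgent", "deadline", "voicemail", "action required")
LINK_FIELDS = ("DESCRIPTION", "LOCATION", "URL", "ATTACH", "X-ALT-DESC")
URL_RE = re.compile(r"https?://[^\s\"'<>]+")

# Constructed sample invite; the .example domains stand for nothing real.
SAMPLE_ICS = """\
BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//constructed sample//EN
METHOD:REQUEST
BEGIN:VEVENT
UID:sample-001@constructed.example
DTSTART:20260506T150000Z
DTEND:20260506T153000Z
ORGANIZER;CN=IT Support:mailto:support@helpdesk-verify.example
SUMMARY:URGENT: Deadline - voicemail waiting\\, action required
DESCRIPTION:You have a new voicemail. Review it here:\\n https://login-verify
 .example/voicemail/listen?id=42
LOCATION:Microsoft Teams Meeting
URL:https://login-verify.example/auth
END:VEVENT
END:VCALENDAR
"""


def unfold(ics_text):
    """Undo RFC 5545 line folding: a line beginning with space/tab continues the previous one."""
    lines = []
    for raw in ics_text.replace("\r\n", "\n").split("\n"):
        if raw[:1] in (" ", "\t") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines


def unescape(value):
    """Undo RFC 5545 text escapes (\\n, \\, \\; and \\\\)."""
    return re.sub(r"\\([nN,;\\])", lambda m: "\n" if m.group(1) in "nN" else m.group(1), value)


def parse_events(ics_text):
    """Return one dict per VEVENT keyed by property name; property parameters are dropped."""
    events, current = [], None
    for line in unfold(ics_text):
        if line == "BEGIN:VEVENT":
            current = {}
        elif line == "END:VEVENT":
            events.append(current)
            current = None
        elif current is not None and ":" in line:
            # "NAME;PARAM=x:value" -> split parameters off the name at the first ';'
            name_part, value = line.split(":", 1)
            current[name_part.split(";", 1)[0].upper()] = unescape(value)
    return events


def analyze(event):
    """Apply the three checks to one parsed event and return a small report dict."""
    flags = set()
    organizer = event.get("ORGANIZER", "").lower()
    domain = organizer.split("mailto:", 1)[-1].rsplit("@", 1)[-1] if "@" in organizer else ""
    if domain and domain not in INTERNAL_DOMAINS:
        flags.add("external_organizer")
    urls = set()
    for field in LINK_FIELDS:
        urls.update(URL_RE.findall(event.get(field, "")))
    for url in urls:
        host = (urlparse(url).hostname or "").lower()
        internal = any(host == d or host.endswith("." + d) for d in INTERNAL_DOMAINS)
        if host not in TRUSTED_LINK_HOSTS and not internal:
            flags.add(f"external_link:{host}")
    if any(w in event.get("SUMMARY", "").lower() for w in URGENCY_WORDS):
        flags.add("urgency_lure")
    return {"uid": event.get("UID", ""), "organizer_domain": domain,
            "urls": sorted(urls), "flags": sorted(flags)}


def scan(ics_text):
    """Parse and analyze every VEVENT in an .ics body."""
    return [analyze(e) for e in parse_events(ics_text)]


if __name__ == "__main__":
    print(json.dumps(scan(SAMPLE_ICS), indent=2))
```

The unfolding step matters more than it looks: a URL split across a folded line, as in the sample DESCRIPTION, will not match a naive line-by-line regex, which is one way these files slip past filters that never reassemble the event.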

Suspected OceanLotus Campaign Turns PyPI Packages Into a Cross-Platform Espionage Delivery Channel

Kaspersky researchers have uncovered a malicious PyPI campaign built around wheel packages that targeted both Windows and Linux users and delivered a previously undocumented malware family dubbed ZiChatBot. Based on the tooling, delivery style, and broader operational patterns, the activity has been attributed to OceanLotus, also known as APT32, a long-running espionage group widely associated with Vietnamese state interests. The discovery is another sign that open-source software ecosystems are now firmly part of the cyber-espionage battlefield, where threat actors no longer need to rely on phishing alone when they can poison trusted developer workflows instead. What makes this campaign notable is its cross-platform design and its likely intelligence focus. Rather than acting like a noisy commodity infostealer, the PyPI packages functioned as droppers that selectively deployed ZiChatBot on Windows and Linux systems, suggesting the operators were interested in developers, researchers, or technical users who routinely install Python dependencies across mixed environments. That aligns with OceanLotus’s historical tradecraft, which has often centered on stealthy, targeted intrusion campaigns against journalists, dissidents, government entities, and regional strategic interests using convincing lures and multi-stage malware delivery. In this case, PyPI served as a quiet and scalable distribution platform, allowing a suspected state-backed group to blend espionage tooling into a normal software supply chain rather than relying solely on direct social engineering. Organizations should audit Python dependency use, block or review unapproved package installs, and apply stronger controls such as internal package mirrors, version pinning, provenance checks, and behavioral monitoring for package execution on developer and build systems. 
The suspected OceanLotus ZiChatBot campaign also reinforces a larger trend: advanced persistent threat groups are adapting to the same open-source ecosystems and DevOps practices that modern engineering teams depend on, meaning software supply chain trust now must be defended with the same rigor as email, identity, and endpoint security.
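As an added example, not code from the original post or from Kaspersky, the following Python audit applies the controls named above to a requirements file: it reports packages that are not pinned to an exact version, that carry no `--hash=` digest (so `pip install --require-hashes` would refuse them), that are absent from an internal allowlist, and that sit one edit away from an approved name. The allowlist, the sample file and its sha256 placeholder are constructed assumptions.

```python
"""Audit a requirements file for unpinned, unhashed, unapproved or look-alike packages.

Added example, not code from the article or from Kaspersky. The approved list,
the placeholder hash and the sample requirements are constructed.
"""
import re

# Assumed internal allowlist of packages approved for install (constructed).
APPROVED = {"requests", "numpy", "pyyaml"}

# Constructed sample file; the sha256 value is a placeholder, not a real digest.
SAMPLE_REQUIREMENTS = """\
# pinned, hashed and approved: passes
requests==2.32.3 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
numpy>=1.26            # range, not a pin
pyyaml                 # no version at all
requets==2.31.0        # one character away from 'requests'
"""

REQ_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(\[[^\]]*\])?\s*(.*)$")


def normalize(name):
    """PEP 503 name normalization: case-fold and collapse runs of '-', '_' and '.'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def edit_distance(a, b):
    """Levenshtein distance, used to spot one-character look-alikes of approved names."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def logical_lines(text):
    """Join backslash-continued lines the way pip does."""
    buf = ""
    for raw in text.splitlines():
        line = raw.rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield (buf + line).strip()
        buf = ""
    if buf:
        yield buf.strip()


def strip_comment(line):
    """Drop '#' comments (a full-line comment, or one preceded by whitespace)."""
    if line.startswith("#"):
        return ""
    return re.split(r"\s+#", line, maxsplit=1)[0].strip()


def audit(text, approved=APPROVED):
    """Return {normalized_name: sorted list of issues} for every requirement in `text`."""
    approved = {normalize(n) for n in approved}
    report = {}
    for line in logical_lines(text):
        line = strip_comment(line)
        if not line or line.startswith("-"):   # blank, or a pip option such as -r / --index-url
            continue
        tokens = line.split()
        match = REQ_RE.match(tokens[0])
        if not match:
            continue
        name, spec = normalize(match.group(1)), match.group(3).strip()
        hashes = [t for t in tokens[1:] if t.startswith("--hash=")]
        issues = []
        if not (spec.startswith("==") and "," not in spec and "*" not in spec):
            issues.append("unpinned")
        if not hashes:
            issues.append("missing_hash")
        if name not in approved:
            issues.append("not_approved")
            for good in sorted(approved):
                if edit_distance(name, good) == 1:
                    issues.append(f"possible_typosquat:{good}")
        report[name] = sorted(issues)
    return report


if __name__ == "__main__":
    for name, issues in audit(SAMPLE_REQUIREMENTS).items():
        print(f"{name}: {', '.join(issues) or 'ok'}")
```

The look-alike check is deliberately narrow (edit distance of exactly one against the allowlist) so it stays quiet on an established dependency set; the hash check is the control that actually stops a substituted wheel, since a pinned version alone says nothing about which artifact was served.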

Hunter Strategy encourages our readers to look for updates in our daily Trending Topics.

Written By: William Elchert
