Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
The Hacker News

PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation

CVE-2026-0257 is being actively exploited on PAN-OS devices since May 17, 2026, enabling unauthorized VPN access and network exposure.

Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks

Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks.
CoinDesk

Wall Street’s trillion-dollar dilemma: Why AI-powered hackers are keeping big banks off the blockchain

CertiK CEO and co-founder Ronghui Gu says April was the worst month for DeFi in four years with exploits on 27 out of 30 day ...