https://securityunlocked.com/tags/china-state/Recent content in China-State on Security UnlockedHugoen-usFri, 08 May 2026 13:00:00 +0000https://securityunlocked.com/alerts/palo-alto-captive-portal-zero-day-under-active-chinese-linked-exploitation-first-patches-may-13/Fri, 08 May 2026 13:00:00 +0000https://securityunlocked.com/alerts/palo-alto-captive-portal-zero-day-under-active-chinese-linked-exploitation-first-patches-may-13/CVE-2026-0300 (CVSS 9.3) is an unauthenticated, root-level RCE in the PAN-OS User-ID Authentication Portal of PA-Series and VM-Series firewalls, under active exploitation by a likely China-aligned cluster Unit 42 tracks as CL-STA-1132. First hotfixes ship May 13. Anything with the Captive Portal exposed to untrusted networks needs immediate mitigation.