https://securityunlocked.com/tags/palo-alto-networks/Recent content in Palo-Alto-Networks on Security UnlockedHugoen-usFri, 08 May 2026 13:00:00 +0000https://securityunlocked.com/alerts/palo-alto-captive-portal-zero-day-under-active-chinese-linked-exploitation-first-patches-may-13/Fri, 08 May 2026 13:00:00 +0000https://securityunlocked.com/alerts/palo-alto-captive-portal-zero-day-under-active-chinese-linked-exploitation-first-patches-may-13/CVE-2026-0300 (CVSS 9.3) is an unauthenticated, root-level RCE in the PAN-OS User-ID Authentication Portal of PA-Series and VM-Series firewalls, under active exploitation by a likely China-aligned cluster Unit 42 tracks as CL-STA-1132. First hotfixes ship May 13. Anything with the Captive Portal exposed to untrusted networks needs immediate mitigation.https://securityunlocked.com/weekly-intelligence/shinyhunters-adds-275-million-students-to-mondays-breach-wave-pan-os-zero-day-leaves-perimeter-gaps-until-may-13/Thu, 07 May 2026 00:00:00 +0000https://securityunlocked.com/weekly-intelligence/shinyhunters-adds-275-million-students-to-mondays-breach-wave-pan-os-zero-day-leaves-perimeter-gaps-until-may-13/ShinyHunters expanded Monday’s identity breach wave to 275 million education users via Canvas and pivoted to cloud data warehouse infrastructure at Vimeo; separately, an unpatched PAN-OS RCE zero-day leaves internet-facing firewalls exposed until at least May 13.