Skip to content
The Nexus
SECURITYMay 7 · 13:53 UTCTHE REGISTER

State-backed hackers hammer Palo Alto firewall zero-day before patch lands

State-backed hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls, tracked as CVE-2026-0300, to gain root access without login required. The flaw affects the Captive Portal feature in PAN-OS on PA-Series and VM-Series firewalls. Attacks are already underway, tied to a cluster of likely state-sponsored threat activity tracked as CL-STA-1132.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this