SECURITYTHE REGISTER
State-backed hackers hammer Palo Alto firewall zero-day before patch lands
State-backed hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls, tracked as CVE-2026-0300, to gain root access without login required. The flaw affects the Captive Portal feature in PAN-OS on PA-Series and VM-Series firewalls. Attacks are already underway, tied to a cluster of likely state-sponsored threat activity tracked as CL-STA-1132.
Mentioned