Caitlin Condon
Coverage of Caitlin Condon in the Nexus archive.
- Attackers are exploiting Palo Alto Networks defect that initially flew under the radar
Palo Alto Networks' CVE-2026-0257 vulnerability, initially rated medium severity, was escalated to critical after active exploitation was confirmed. Attackers exploit the flaw to bypass authentication and establish unauthorized VPN connections, leveraging a publicly available TLS certificate to forge valid authentication cookies.
- Ivanti customers confront yet another actively exploited zero-day
Ivanti customers are being targeted by attackers exploiting a zero-day vulnerability in Ivanti Endpoint Manager Mobile, with limited exploitation reported. The company has released patches for five high-severity vulnerabilities, including the zero-day defect. Ivanti warned customers of the threat and suggested rotating credentials to reduce risk.
- A critical Palo Alto PAN-OS zero-day is being exploited in the wild
A critical zero-day vulnerability is being exploited in Palo Alto Networks' firewalls, allowing unauthenticated attackers to run code with root privileges. The company has not released a patch but has provided mitigation guidance to customers. Exploitation is expected to increase as more researchers and attackers become aware of the vulnerability.
- ‘Copy Fail’ is a real Linux security crisis wrapped in AI slop
A Linux vulnerability known as 'Copy Fail' is being actively exploited, allowing attackers to gain total control of a system with authenticated local access. The vulnerability was discovered by Theori using AI and affects Linux kernels built since 2017. Patches have been issued for major Linux distributions.