Geek-Guy.com

Tag: Tuesday

AI, Compliance, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management

Anthropic grants Project Glasswing access to 150 more companies, with a focus on critical infrastructure

Anthropic on Tuesday announced that it was adding 150 more companies to its Project Glasswing AI-based vulnerability hunting initiative, with a particular focus on critical infrastructure companies including those involved in “power, water, healthcare, communications and hardware.” Analysts and security vendors agreed that the move is a positive step, noting that the more companies involved…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, Risk Management

Trump administration releases scaled-back AI executive order

The Trump administration issued a revised executive order Tuesday focused on artificial intelligence, offering a significantly pared-back vision for the federal government’s role vetting AI systems compared to a draft version that was spiked weeks ago. The order keeps in place the administration’s largely voluntary framework for companies to engage with the federal government around…

Read more →

AI, Data Breaches, Endpoint, Global Security News, Government & Policy, malware, Risk Management

GitHub says internal repositories were taken in poisoned VS Code extension attack

GitHub said late Tuesday that internal repositories were exfiltrated after an employee device was compromised through a poisoned Visual Studio Code extension, an incident that underscores the growing risks facing software development platforms and the ecosystems built around third-party developer tools. The Microsoft-owned company said in posts on X that it detected and contained the…

Read more →

AI, Global Security News, malware, Network Security

Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks

Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company’s Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands of machines and networks across the world. The tech giant attributed the activity to a threat actor it calls Fox Tempest, which it said offered the…

Read more →

Global Security News

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week. The zero-day flaw, now tracked as CVE-2026-45585, carries a CVSS score of 6.8. It has been described as a BitLocker security feature bypass. “Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred…

Read more →

AI, Global Security News

GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories

GitHub on Tuesday said it’s investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform’s source code and internal organizations for sale on a cybercrime forum. “While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’…

Read more →

AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News

Fortinet fixes two critical RCE flaws in FortiAuthenticator and FortiSandbox

Fortinet released a batch of patches across its products on Patch Tuesday, including two critical vulnerabilities that can lead to remote code execution. Fortinet flaws, both zero-day and n-day, have been exploited in the wild many times in the past, so companies should deploy patches as soon as possible. “Fortinet vulnerabilities are often attractive to…

Read more →

AI, Exploits, Global Security News, Network Security

Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarming

Microsoft’s May 2026 Patch Tuesday fixed 138 flaws, including 30 critical bugs, across Windows, Office, Azure, Edge, SQL Server, and more. Microsoft’s May 2026 Patch Tuesday patched 138 vulnerabilities in a single release. That is a number that gives pause even for people accustomed to these cycles. The affected products span virtually the entire Microsoft…

Read more →

AI, Global Security News, privacy

Android Adds Intrusion Logging for Sophisticated Spyware Forensics

Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated spyware attacks. Intrusion Logging, available as part of Advanced Protection Mode, enables “persistent and privacy-preserving forensics logging to allow for investigation of devices in the event of a suspected compromise,” the company said. The feature,…

Read more →

AI, Cybersecurity, Europe, Global Security News, Government & Policy, Risk Management

Major world economies spell out key elements of AI ‘ingredients list’

A group of international government agencies released guidance Tuesday on what they believe any artificial intelligence “ingredients list” tool should include to make AI more secure. The concept of such a list, known as a “software bill of materials (SBOM),” is to know everything that goes into a particular piece of software so that any…

Read more →

AI, APAC, Apps, Exploits, Global Security News

Microsoft May 2026 Patch Tuesday, (Tue, May 12th)

Today’s Microsoft patch Tuesday fixes 137 different vulnerabilities. In addition, the update addresses 137 Chromium-related issues affecting Microsoft Edge. There are no already disclosed or already exploited vulnerabilities included in today’s patches. I removed the Chromium issues from the table below and included only the 137 Microsoft issues to make it more readable. Note that issues…

Read more →

AI, Global Security News, privacy, Risk Management

Google and Amnesty International teamed up to make it harder for spyware vendors to hide

Google launched a feature for Android phones Tuesday for dedicated forensic logs about intrusions from sophisticated attacks like those by spyware vendors, in what design partners at Amnesty International hailed as an important first. The tech giant has been ramping up the new feature, Intrusion Logging, since last year, and has now begun rolling it…

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Risk Management

ThreatDown Expands Into Identity Security With ITDR Platform

ThreatDown on Tuesday announced the launch of its new Identity Threat Detection and Response (ITDR) platform, designed to help organizations detect and respond to attacks targeting user identities and credentials after authentication. The California-based cybersecurity vendor said the product is built to monitor suspicious identity activity across hybrid environments, including Microsoft Entra ID, Okta, and…

Read more →

AI, Compliance, Global Security News, Risk Management

JumpCloud Report Finds AI Agent Security Gaps Widening

JumpCloud, the IT management platform company, released its Agentic IAM Pulse Report on Tuesday, drawing on responses from 261 IT, security, and identity decision-makers at organizations with 200-2,500 employees across the United States and the United Kingdom.  The findings reveal a widening gap between how aggressively companies are deploying AI agents and how little governance…

Read more →

Cybersecurity, Exploits, Global Security News

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below – CVE-2024-1708 (CVSS score: 8.4) – A path traversal vulnerability in  ConnectWise ScreenConnect

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security

Federal CIO cautious on Anthropic’s Mythos despite planned rollout

Federal Chief Information Officer Greg Barbaccia said Tuesday the government is approaching Anthropic’s Mythos model with measured expectations, acknowledging both its potential to strengthen federal cyber defenses and the significant uncertainties that remain about how it would perform in real-world conditions. Barbaccia said his direct exposure to Mythos has been limited to evaluations and benchmarking…

Read more →

AI, Cybersecurity, Global Security News, Risk Management

Lawmakers ponder terrorism designations, homicide charges over hospital ransomware attacks

Lawmakers at a hearing Tuesday explored ways to beef up punishments for ransomware attacks against hospitals, possibly by labeling them as more severe crimes. One proposal floated at the House Homeland Security Committee hearing, to treat ransomware attacks as terrorism, is an idea Congress has flirted with before. Another would be to press prosecutors to…

Read more →

AI, Exploits, Global Security News, Network Security, Risk Management

Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day

Microsoft Patch Tuesday security updates for April 2026 fixed 165 vulnerabilities, including an actively exploited SharePoint zero-day. Microsoft Patch Tuesday security updates addressed 165 vulnerabilities, making it one of the largest updates by CVE count. One of the most interesting flaws fixed by the IT giant is a critical SharePoint zero-day, tracked as CVE-2026-32201, already…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, malware, Network Security

Iran‑linked PLC attacks cause real‑world disruption at critical US infra sites

As the US and Iran agreed to a ceasefire on Tuesday, six US federal agencies have warned that Iran-affiliated threat actors have compromised internet-exposed programmable logic controllers at critical infrastructure facilities in the US. The attacks, which the agencies linked to escalating hostilities between Iran and the US and Israel, targeted Rockwell Automation and Allen-Bradley…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, Network Security

Iranian cyber activity hits US energy, water, and government networks

U.S. government agencies on Tuesday warned American organizations about ongoing cyber activity targeting OT and PLC devices, including those manufactured by Rockwell Automation and Allen-Bradley, across multiple critical infrastructure sectors. The activity has been attributed to Iranian-affiliated APT actors seeking to disrupt operations in the United States. Disruptions across critical sectors The advisory, issued by…

Read more →

AI, Funding, Global Security News

White House executive order purports to limit mail-in voting, mandate federal voter lists 

President Donald Trump signed an executive order Tuesday that purports to limit mail-in voting, though critics say the move will almost certainly be challenged in court on constitutional grounds. The order instructs the Homeland Security secretary, the director of U.S. Citizenship and Immigrations Services and the commissioner of the Social Security Administration to compile lists…

Read more →

AI, Global Security News, malware, Network Security

SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2), (Wed, Mar 25th)

Introduction This diary provides indicators from the SmartApeSG (ZPHP, HANEYMANEY) campaign I saw on Tuesday, 2026-03-24. SmartApeSG is one of many campaigns that use the ClickFix technique. This past week, I’ve seen NetSupport RAT as follow-up malware from Remcos RAT pushed by this campaign. But this time, I also saw indicators for StealC malware and…

Read more →

Exploits, Global Security News

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

Apple on Tuesday released its first round of Background Security Improvements to address a security flaw in WebKit that affects iOS, iPadOS, and macOS. The vulnerability, tracked as CVE-2026-20643 (CVSS score: N/A), has been described as a cross-origin issue in WebKit’s Navigation API that could be exploited to bypass the same-origin policy when processing maliciously…

Read more →

AI, APAC, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, Risk Management, Russia

Trump administration isn’t pushing companies to conduct cyber offense, national cyber director says

National Cyber Director Sean Cairncross said Tuesday that the Trump administration isn’t aspiring to enlist the private sector to conduct offensive cyber operations, but instead to help the government by keeping them abreast of the threats they’re facing. The recently-released national cyber strategy talks about incentivizing companies to disrupt the networks of adversaries. “I’m not…

Read more →

AI, APAC, Apps, Exploits, Global Security News, Network Security, Risk Management

For March, Patch Tuesday delivers fixes for 83 vulnerabilities

The team at Readiness each month analyzes the latest Patch Tuesday updates from Microsoft and provides detailed, actionable testing guidance. The March release addresses 83 vulnerabilities across Windows, Office, SQL Server, Azure, and .NET — a moderate volume with two publicly disclosed zero-days affecting SQL Server and .NET (though neither is being actively exploited in…

Read more →

AI, Exploits, Global Security News

Microsoft patches 80+ vulnerabilities, six flagged as “more likely” to be exploited

On March 2026 Patch Tuesday, Microsoft addressed 80+ vulnerabilities affecting its software and cloud services. Of these, two were publicly disclosed, but not actively exploited. Privilege escalation vulnerabilities abound The two publicly disclosed flaws are CVE-2026-21262, a vulnerability in SQL Server that may allow attackers to gain SQLAdmin privileges, and CVE-2026-26127, a .NET flaw that…

Read more →

AI, Exploits, Global Security News, Network Security

Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs

Microsoft Patch Tuesday security updates for March 2026 addressed 84 vulnerabilities in its products. None of the flaws are known to be exploited so far. Microsoft Patch Tuesday security updates for March 2026 addressed 84 vulnerabilities across its products. The IT giant addressed flaws across Windows, Office, Edge, Azure, SQL Server, Hyper-V, and ReFS. Including…

Read more →

Cybersecurity, Exploits, Global Security News

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild. The high-severity vulnerability, CVE-2026-22719 (CVSS score: 8.1), has been described as a case of command injection that could allow an

Read more →

AI, Apps, Cybersecurity, Global Security News, Risk Management

DeepKeep Launches AI Agent Security Scanner

DeepKeep on Tuesday introduced a new AI Agent Scanner designed to help enterprises identify and secure the growing attack surface created by AI agents embedded in business workflows. The Tel Aviv-based AI security vendor said its latest release provides structured attack surface scanning and discovery for agentic AI environments, where large language model (LLM)-based agents…

Read more →

Cybersecurity, Exploits, Global Security News

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-25108 (CVSS v4 score: 8.7), is a case of operating system (OS) command injection that could allow an authenticated user to execute

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Russia

Ex-L3Harris executive sentenced to 87 months in prison for selling zero-day exploits to Russian broker

An ex-L3 Harris executive was sentenced to over seven years in prison Tuesday after pleading guilty to selling eight zero-day exploits to a Russian broker in exchange for millions of dollars. Williams, 39, admitted to two counts of theft of trade secrets in U.S. District Court in Washington, D.C., last year, acknowledging he took at…

Read more →

AI, Cybersecurity, Global Security News, Network Security, Risk Management

Cloud Range Rolls Out Validation Range for Secure AI Testing

Cloud Range on Tuesday launched its AI Validation Range, a cyber range platform designed to help organizations securely test, train, and validate AI models and agentic AI before deployment in production environments. Balancing AI security and human judgment According to Cloud Range, its new platform is designed to address the rapid adoption of unmanaged AI…

Read more →

Cybersecurity, Exploits, Global Security News

CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows – CVE-2026-2441 (CVSS score: 8.8) – A use-after-free vulnerability in Google Chrome that could allow a remote attacker to…

Read more →

AI, Cloud Security, Cybersecurity, Endpoint, Global Security News, malware, Network Security, Risk Management

Palo Alto Networks’ Koi acquisition is all about keeping AI agents in check

Palo Alto Networks announced Tuesday its plans to buy security startup Koi, a deal aimed at addressing the security risks emerging as organizations rapidly adopt agentic AI. Terms were not disclosed, but Israeli business outlet Globes reported that Palo Alto will pay approximately $400 million. The deal is another among a trend of larger cybersecurity…

Read more →

AI, Don't miss, Exploits, Global Security News, Hot stuff, News, PoC, Social Engineering

Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841)

Among the many security fixes released by Microsoft on February 2026 Patch Tuesday is one for CVE-2026-20841, a command injection vulnerability in Notepad that could be exploited by attackers to achieve remote code execution on targets’ Windows system. About CVE-2026-20841 For many, many years, Windows Notepad was a simple text editor and a staple tool…

Read more →

Exploits, Global Security News

Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms

It’s Patch Tuesday, which means a number of software vendors have released patches for various security vulnerabilities impacting their products and services. Microsoft issued fixes for 59 flaws, including six actively exploited zero-days in various Windows components that could be abused to bypass security features, escalate privileges, and trigger a denial-of-service (DoS) condition. Elsewhere

Read more →

Don't miss, Exploits, Global Security News, Hot stuff, News

Microsoft Patch Tuesday: 6 exploited zero-days fixed in February 2026

Microsoft has plugged 50+ security holes on February 2026 Patch Tuesday, including six zero-day vulnerabilities exploited by attackers in the wild. The “security feature bypass” zero-days Among the zero-days fixed are three vulnerabilities that allow attackers to bypass a security feature. CVE-2026-21513 affects the MSHTML/Trident browser engine for the Microsoft Windows version of Internet Explorer,…

Read more →

AI, Breaking News, Exploits, Global Security News, hacking, hacking news, Security, Uncategorized

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-day vulnerabilities. Microsoft Patch Tuesday security updates for February 2026 fix 58 new security flaws across Windows, Office, Azure, Edge, Exchange, Hyper-V, WSL, and other components, rising to 62 CVEs when third-party updates are included. Five vulnerabilities are Critical, two Moderate, and most…

Read more →

AI, Endpoint, Exploits, Global Security News

Microsoft Patch Tuesday – January 2026, (Tue, Feb 10th)

Today’s patch Tuesday addresses 59 different vulnerabilities (plus two Chromium vulnerabilities affecting Microsoft Edge). While this is a lower-than-normal number, this includes six vulnerabilities that are already exploited. Three vulnerabilities have already been exploited and made public. In addition, five critical vulnerabilities are included in this patch Tuesday. Vulnerabilities of Interest: The three already exploited…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Blog, CVE, CVEs, Cybersecurity, Denial of Service, Exploits, Global Security News, Network Security, Risk Management

CVE-2026-0227: Palo Alto Networks Fixes GlobalProtect DoS Flaw Allowing Remote Firewall Disruption

Shortly after Microsoft’s massive January Patch Tuesday release addressing the CVE-2026-20805 zero-day vulnerability in Windows Desktop Window Manager, another technology giant has issued a security fix. This time, Palo Alto Networks has warned of a high-severity flaw affecting its GlobalProtect Gateway and Portal, noting that a proof-of-concept (PoC) exploit is available. GlobalProtect is Palo Alto…

Read more →

AI, Blog, CVE, CVEs, Cybersecurity, Denial of Service, Exploits, Global Security News, Network Security, Risk Management

CVE-2026-0227: Palo Alto Networks Fixes GlobalProtect DoS Flaw Allowing Remote Firewall Disruption

Shortly after Microsoft’s massive January Patch Tuesday release addressing the CVE-2026-20805 zero-day vulnerability in Windows Desktop Window Manager, another technology giant has issued a security fix. This time, Palo Alto Networks has warned of a high-severity flaw affecting its GlobalProtect Gateway and Portal, noting that a proof-of-concept (PoC) exploit is available. GlobalProtect is Palo Alto…

Read more →

AI, Blog, CVE, CVEs, Cybersecurity, Denial of Service, Exploits, Global Security News, Network Security, Risk Management

CVE-2026-0227: Palo Alto Networks Fixes GlobalProtect DoS Flaw Allowing Remote Firewall Disruption

Shortly after Microsoft’s massive January Patch Tuesday release addressing the CVE-2026-20805 zero-day vulnerability in Windows Desktop Window Manager, another technology giant has issued a security fix. This time, Palo Alto Networks has warned of a high-severity flaw affecting its GlobalProtect Gateway and Portal, noting that a proof-of-concept (PoC) exploit is available. GlobalProtect is Palo Alto…

Read more →

AI, Blog, CVE, CVEs, Cybersecurity, Denial of Service, Exploits, Global Security News, Network Security, Risk Management

CVE-2026-0227: Palo Alto Networks Fixes GlobalProtect DoS Flaw Allowing Remote Firewall Disruption

Shortly after Microsoft’s massive January Patch Tuesday release addressing the CVE-2026-20805 zero-day vulnerability in Windows Desktop Window Manager, another technology giant has issued a security fix. This time, Palo Alto Networks has warned of a high-severity flaw affecting its GlobalProtect Gateway and Portal, noting that a proof-of-concept (PoC) exploit is available. GlobalProtect is Palo Alto…

Read more →