h4x.lat — Threat Intelligence

Documents

0

Active Sources

0

CVEs

0

IOCs

0

Sources

Unit 42

RSS · 2026-05-16 13:43

15 articles

CrowdStrike Blog

LISTING · 2026-05-16 13:43

75 articles

Securelist

RSS · 2026-05-16 13:43

10 articles

Talos Intelligence

LISTING · 2026-05-16 13:43

25 articles

DarkReading

RSS · 2026-05-16 13:43

0 articles

WeLiveSecurity

RSS · 2026-05-16 13:43

100 articles

Krebs on Security

RSS · 2026-05-16 13:43

10 articles

BleepingComputer

RSS · 2026-05-16 13:43

13 articles

Check Point Research

RSS · 2026-05-16 13:43

15 articles

Elastic Security Labs

RSS · 2026-05-16 13:43

20 articles

Mandiant Research

RSS · 2026-05-16 13:43

20 articles

Proofpoint Threat Insight

RSS · 2026-05-16 13:43

7 articles

Sophos X-Ops

RSS · 2026-05-16 13:43

0 articles

The Hacker News

RSS · 2026-05-16 13:43

50 articles

Google TAG

RSS · 2026-05-16 13:43

0 articles

Microsoft Security Blog

LISTING · 2026-05-16 13:43

75 articles

CISA Advisories

RSS · 2026-05-16 13:43

0 articles

Rapid7 Blog

RSS · 2026-05-16 13:43

20 articles

SentinelOne Labs

RSS · 2026-05-16 13:43

10 articles

Recorded Future Research

LISTING · 2026-05-16 13:43

50 articles

Intelligence Feed

ALL BleepingComputer Check Point Cisco Talos CrowdStrike ESET Elastic Kaspersky Krebs Mandiant Microsoft Palo Alto Proofpoint Rapid7 Recorded Future SentinelOne THN

ALL CRITICAL HIGH MEDIUM LOW

Metasploit Wrap-Up 05/15/2026

Rapid7 Blog 15 May 2026 SEV 7/10

vulnerability malware

Metasploit Wrap-Up 05/15/2026 Back to Blog Products and Tools Metasploit Wrap-Up 05/15/2026 Martin Sutovsky May 15, 2026 | Last updated on May 15, 2026 | xx min read Weaponizing a text editor for fun and profit Gather round, dear readers, because today, we (by we, we mean @h00die) dropped the ultimate persistence mechanism: Vim plugin persistence. And honestly, calling it "persistence" feels redundant — Vim is already the most persistent thing ever. Somewhere, somehow, there will still be a Vim session open since 2011, because no one has figured out how to close it.

CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS

Rapid7 Blog 14 May 2026 SEV 6/10

vulnerability identity_threat

CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS Back to Blog Vulnerabilities and Exploits CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS Rapid7 May 14, 2026 | Last updated on May 14, 2026 | xx min read DISCOVER RAPID7 MDR Overview On May 13, 2026, Palo Alto Networks published a security advisory CVE-2026-0265 , a signature verification vulnerability that facilitates authentication bypass on PAN-OS , the operating system that most Palo Alto Networks firewalls run. This vulnerability allows a remote unauthenticated attacker with network access to bypass authentication when Cloud Authentication Service (CAS) is enabled and attached to a login interface; the vulnerable configuration is non-default but common. CVE-2026-0265 affects PAN-OS on PA-Series and VM-Series firewalls, as well as Panorama (virtual and M-Series) appliances.

Critical Buffer Overflow in Palo Alto Networks PAN-OS User-ID Authentication Portal (CVE-2026-0300)

Rapid7 Blog 06 May 2026 SEV 7/10

vulnerability identity_threat

Critical Buffer Overflow in Palo Alto Networks PAN-OS User-ID Authentication Portal (CVE-2026-0300) Back to Blog Vulnerabilities and Exploits Critical Buffer Overflow in Palo Alto Networks PAN-OS User-ID Authentication Portal (CVE-2026-0300) Jonah Burgess May 6, 2026 | Last updated on May 13, 2026 | xx min read DISCOVER RAPID7 MDR Overview On May 6, 2026, Palo Alto Networks published a security advisory CVE-2026-0300 , a critical unauthenticated buffer overflow vulnerability affecting PAN-OS PA-Series and VM-Series firewall appliances. Prisma Access, Cloud NGFW, and Panorama appliances are not affected by this vulnerability. The vulnerability carries a CVSSv4 score of and has been confirmed as exploited in the wild by the vendor.