PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
by info@thehackernews.com (The Hacker News) on May 30, 2026 at 6:41 am
Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0257 (CVSS score: 7.8), refers to a case of authentication bypass that could be exploited by bad actors to set up VPN connections. "Authentication bypass vulnerabilities in the
ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
by info@thehackernews.com (The Hacker News) on May 29, 2026 at 6:07 pm
Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant's implicit trust in Markdown links and images to trigger prompt injections and open the door to phishing attacks. The technique has been codenamed ChatGPhish by Permiso Security. "The chatgpt.com response renderer trusts Markdown links and Markdown
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
by info@thehackernews.com (The Hacker News) on May 29, 2026 at 2:39 pm
An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclosed vulnerability. "The attacker compromised an internet-reachable Marimo notebook via CVE-2026-39987, extracted two cloud credentials from the compromised
New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
by info@thehackernews.com (The Hacker News) on May 29, 2026 at 11:31 am
A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group operating broadly in the Russian time zone, with the activities aligning with Kremlin state interests, specifically when it comes to
What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
by info@thehackernews.com (The Hacker News) on May 29, 2026 at 10:30 am
Shadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publishing them on the open internet. Without Security or IT in the loop. The artifact moved from a prompt to a product. The risk surface moved with it. In The Shadow Builders report (get it here), a