Tag Palo Alto Networks

April 12, 2026

Microsoft Alerts Users to Cross-Account Takeover Vulnerability in Azure Container Instances

On September 10, 2021, Microsoft announced that it had fixed a security flaw in its Azure Container Instances (ACI) service that could be exploited by malicious actors to gain unauthorized access to information from other customers. Researchers referred to this vulnerability as the “first cross-account container takeover in the public cloud.” An attacker could use this weakness to execute harmful commands on other users’ containers, potentially stealing customer secrets and deployed images. Microsoft did not provide further details about the flaw but advised affected customers to “revoke any privileged credentials that were deployed to the platform before August 31, 2021.” Azure Container Instances enables users to run Docker containers directly in a serverless cloud environment without the need for virtual machines, clusters, or orchestration tools. Palo Alto Networks’ Unit 42 threat intelligence team identified the vulnerability…

Microsoft Identifies Vulnerability in Azure Container Instances Leading to Potential Cross-Account Breach On September 8, 2021, Microsoft announced the mitigation of a critical vulnerability in its Azure Container Instances (ACI) service that posed a significant threat to the security of multiple customers. This flaw, noted by researchers as the “first…

April 8, 2026

Experts Uncover Malicious Code Exploiting Vulnerability in ManageEngine ADSelfService

On November 8, 2021, it was revealed that at least nine organizations in the technology, defense, healthcare, energy, and education sectors were compromised due to a recently patched critical vulnerability in Zoho’s ManageEngine ADSelfService Plus self-service password management and single sign-on (SSO) solution. This surveillance campaign, which began on September 22, 2021, saw attackers exploiting the flaw to gain initial access, subsequently moving laterally within the networks to conduct post-exploitation activities. They deployed malicious tools designed to harvest credentials and exfiltrate sensitive data through a backdoor. “The attackers relied heavily on the Godzilla web shell, uploading various versions of this open-source tool to the compromised servers throughout the operation,” reported researchers from Palo Alto Networks’ Unit 42 threat intelligence team. “Several other tools exhibited unique characteristics or functionalities…”

Experts Uncover Malicious Code Exploiting Vulnerability in ManageEngine ADSelfService On November 8, 2021, it was disclosed that a cyber espionage campaign had exploited a recently patched critical vulnerability in Zoho’s ManageEngine ADSelfService Plus platform, which is widely used for self-service password management and single sign-on (SSO) solutions. The breach has…

March 3, 2026

Quantum’s Unpredictable Emergence Poses a Strategic Dilemma for CIOs

Encryption & Key Management, Security Operations The Quantum Countdown: Is the C-Suite Prepared? Jennifer Lawinski • March 2, 2026 Scientists assemble the cryogenic part of the quantum computer, December 2019. (Image: FMBLab/CC BY 4.0) Quantum computing has lingered at the periphery of enterprise technology for years, yet its implications for…

March 2, 2026

Why Claude Code Security is Disrupting the Cybersecurity Market

Application Security, Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development How Claude’s New AI Code Scanning Tool Will Challenge Application Security Leaders Michael Novinson (MichaelNovinson) • February 23, 2026 The launch of Claude Code Security has positioned Anthropic in direct competition with leading cybersecurity firms, drawing significant attention…

March 2, 2026

Active Exploitation of React2Shell Vulnerability for Linux Backdoor Deployment

A significant security vulnerability known as React2Shell is currently being exploited by cybercriminals to deploy various malware strains, including KSwapDoor and ZnDoor, as reported by Palo Alto Networks’ Unit 42 and NTT Security. The exploitation of this vulnerability poses urgent risks to organizations, particularly those leveraging React and Next.js frameworks.…

February 28, 2026

New Menlo Security CEO Focuses on Agentic AI Runtime Protection

Artificial Intelligence & Machine Learning, Data Security, Next-Generation Technologies & Secure Development Former Mandiant Executive Bill Robbins Aims to Advance Browser-Based AI Security Michael Novinson (MichaelNovinson) • February 27, 2026 Bill Robbins, CEO, Menlo Security (Image: Menlo Security) Menlo Security has appointed Bill Robbins, a seasoned leader from Mandiant, as…

February 27, 2026

⚡ Weekly Highlights: Fortinet Vulnerabilities, RedLine Clipjack, NTLM Cracking, Copilot Attack & More

Emerging Cyber Threats: A Week in Review In the swiftly evolving landscape of cybersecurity, the distinctions between routine updates and significant breaches are increasingly blurred. Systems that once appeared secure are now subject to relentless challenges posed by new artificial intelligence tools, interconnected devices, and intricate automated systems. These innovations…

February 21, 2026

Hospitals Threatened by BeyondTrust Ransomware Attacks

Fraud Management & Cybercrime, Identity & Access Management, Ransomware Critical Vulnerability Could Provide Attackers Access to Clinical Networks Marianne Kolbasuk McGee (HealthInfoSec) • February 20, 2026 The Department of Health and Human Services along with industry officials are advising healthcare organizations to patch a critical flaw in BeyondTrust’s remote support…

February 20, 2026

Critical Security Vulnerability Discovered in “jsonwebtoken” Library Utilized by Over 22,000 Projects

High-Severity Flaw in jsonwebtoken Library Poses Remote Code Execution Risk A significant security vulnerability has been discovered in the widely used open-source jsonwebtoken (JWT) library, which could allow attackers to execute arbitrary code on servers processing maliciously crafted JSON web token requests. This issue has been tracked as CVE-2022-23529 and…