This roundup highlights a wave of active threats, from Palo Alto Networks PAN-OS exploitation and Langflow RCE abuse to phishing-driven intrusions, data exposure, and supply chain abuse. Attackers are increasingly blending trusted tools, fake support channels, and open-source components to steal credentials, deploy payloads, and maintain covert access. #PANOS #CVE20260300 #OperationGriefLure #ModeloRAT #GhostLock #TeamPCP #ShaiHulud #Langflow #CVE202633017 #NATS
Keypoints
- Palo Alto Networks patched CVE-2026-0300 after limited exploitation was observed.
- Attackers used spear-phishing and fake files to deliver RATs, infostealers, and ScreenConnect abuse.
- Teams helpdesk impersonation led to ModeloRAT deployment, privilege escalation, and credential theft.
- TeamPCP and Breached forum promoted a supply chain attack competition using the Shai-Hulud worm.
- New techniques included tokenizer tampering, GhostLock file locking, and NATS-as-C2 for covert control.
Read More: https://thehackernews.com/2026/05/threatsday-bulletin-pan-os-rce-mythos.html