CISO Daily Digest: CISA Warns of Palo Alto GlobalProtect Vulnerability (20260601)
Key cybersecurity events and threats as of June 01, 2026
CISA Warns Palo Alto Networks GlobalProtect Vulnerability Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Palo Alto Networks GlobalProtect vulnerability to its Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. The authentication bypass flaw allows attackers to circumvent security controls on VPN gateways used by thousands of organizations worldwide. Palo Alto Networks has urged customers to apply patches immediately, as security researchers observed threat actors leveraging the vulnerability to gain unauthorized network access.
π εθθ³ζοΌ ηΆεε ±ε°οΌiThomeγThe Hacker NewsοΌ
ζ¬ι±ζ΄»θΊε¨θ
π WP Maps Pro Critical Flaw Actively Exploited to Create Admin Accounts
A severe vulnerability in the WP Maps Pro WordPress plugin is under active exploitation, allowing attackers to create unauthorized administrator accounts on vulnerable sites. Site administrators are urged to update immediately.
π Reference: The Hacker News
π Russian Hacker Group Secret Blizzard Expands Kazuar Backdoor into Botnet
The Russia-linked threat group Secret Blizzard has evolved its Kazuar backdoor into a full botnet infrastructure, enhancing its stealth and persistence capabilities for long-term espionage operations.
π Reference: iThome
π Fake FIFA World Cup Phishing Domains Surge by Over 2,700 in April
Threat actors registered over 2,700 fraudulent FIFA World Cup-themed domains in April alone, deploying phishing sites that persist even after takedown attempts due to rapid re-establishment mechanisms.
π Reference: iThome
π FBI Warns U.S. Law Firms of Impersonation Attacks Targeting Sensitive Data
The FBI has issued a warning to U.S. law firms about hackers impersonating IT personnel β sometimes even showing up in person β to steal sensitive client data from legal practices.
π Reference: iThome
π ChatGPT Vulnerability ChatGPhish Enables Phishing via Web Summaries
Researchers discovered a novel attack vector (ChatGPhish) that exploits ChatGPTβs web summary feature to craft convincing phishing campaigns, turning a useful AI capability into a social engineering weapon.
π Reference: Xakep
π Fake ChatGPT and Claude Installer Sites Distribute Malware to Developers
Hackers are operating fake installer websites for ChatGPT and Claude that trick developers into downloading malware, stealing account credentials and development environment data.
π Reference: iThome