Summary
During week 22 of 2026, we recorded 10 advisory/vulnerability events and 14 incident/breach events (both down week-over-week). Breaches affect roughly 8.2 million individuals, driven largely by a 7.5 million-person Carnival Corporation breach from a social engineering attack. Key threats span active exploits (Ghost CMS, Palo Alto PAN-OS, KnowledgeDeliver), critical RCE vulnerabilities (7-Zip, Samba, Gogs, SharePoint), and ransomware campaigns. Malware/ransomware and third-party compromises are leading incident causes, mostly hitting healthcare.
Take Action:
Patch Palo Alto Networks PAN-OS / Prisma Access GlobalProtect now, it's already under active attack. Upgrade to 12.1.7, 11.2.12, 11.1.15, or 10.2.18-h6. If you can't patch immediately, disable the authentication override feature or use a separate certificate for cookie encryption that isn't shared with the HTTPS service.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)