PAN-OS RCE Exploited in Wild; Meta Privacy; Defense Data Leak

Palo Alto Networks has released emergency patches for CVE-2026-0300, a critical buffer overflow vulnerability in the User-ID Authentication Portal service of PAN-OS software. The flaw allows unauthenticated attackers to execute arbitrary code with root privileges via specially crafted packets. Security researchers have confirmed active exploitation since at least April 2026, with threat actors deploying payloads including EarthWorm and ReverseSocks5. Organizations running affected PAN-OS versions should apply the latest security updates immediately and monitor for indicators of compromise. Administrators can verify their exposure using our port scanner to identify exposed management interfaces.

Meta has launched Incognito Chat, a new privacy-focused feature for Meta AI interactions across Facebook, Instagram, and WhatsApp. The feature leverages Trusted Execution Environment (TEE) technology to process AI queries without storing conversations on Meta's servers. CEO Mark Zuckerberg emphasized that not even Meta can access these interactions, drawing parallels to end-to-end encrypted messaging. The underlying Private Processing infrastructure already powers message summarization and composition tools. Users concerned about their previous AI interaction data should verify their exposure using our email breach checker.

Schemata, an AI-powered virtual training platform used by military and defense contractors, suffered a significant data exposure through API endpoints lacking proper authorization controls. The vulnerability allowed low-privilege accounts to access cross-tenant data including user listings, organization records, course information, and direct links to documents stored on AWS instances. While Schemata stated no evidence of active exploitation exists, the breach potentially exposed sensitive military training materials tied to Department of Defense contracts. Security teams should audit their API access controls and verify credential security using our password checker to prevent similar authentication bypass attacks.