ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories

Ravie Lakshmanan, May 14, 2026. Hacking News / Cybersecurity News

Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some cursed little game for clout and cash. Half of it feels new. Half of it feels like crap we should have fixed years ago. The mess keeps getting louder: users get tricked, boxes get popped, tools meant for normal work get used for bad stuff, and nobody seems shocked anymore. Great. Love that for us. Anyway. Let's get into it.

Exploited PAN-OS RCE
Palo Alto Networks Releases Fixes for Exploited Flaw

Palo Alto Networks has released the first round of fixes to address CVE-2026-0300, a critical buffer overflow vulnerability in the User-ID Authentication Portal service of PAN-OS software that could allow an unauthenticated attacker to execute arbitrary code with root privileges by sending specially crafted packets. The company said it has observed the flaw being exploited in limited attacks since at least last month, with unknown threat actors leveraging it to drop payloads like EarthWorm and ReverseSocks5.

Private AI chats
Meta Announces Incognito Chat

Meta has announced Incognito Chat with Meta AI in its namesake app and WhatsApp. Incognito Chat is "a completely private way to interact with AI, similar to how end-to-end encryption means no one can read your conversations, even Meta or WhatsApp," CEO Mark Zuckerberg said. "Incognito Chat handles all AI inference in a Trusted Execution Environment that ensures your messages are not accessible to us. The conversations on your phone also disappear when you exit the session." The feature is powered by Private Processing, which already underlies its message summarization and composition tools.
Zero-auth data leak
Defense Company Exposes Sensitive Data

A defense technology company with Department of Defense contracts exposed user records and military training materials through API endpoints that lacked meaningful authorization checks. The issue affected Schemata, an AI-powered virtual training platform used in military and defense settings. According to Strix, an ordinary low-privilege account was able to access data across multiple tenants, including user listings, organization records, course information, training metadata, and direct links to documents hosted on Schemata's Amazon Web Services instances. In a statement posted on the company's website, Schemata said it did not have "evidence that any third party exploited the vulnerability to access customer data."

Router update reprieve
FCC Softens Foreign Router Ban

The U.S. Federal Communications Commission (FCC) has extended the deadline for owners of banned internet routers to provide security updates to U.S.-based users by two years. In March 2026, the FCC banned the import and sale of all "consumer-grade" internet routers produced in a foreign country, citing unacceptable national security risks. In a new public notice published last week, the Commission's Office of Engineering and Technology (OET) said it is extending this deadline until "at least" January 1, 2029. That said, the extension only applies to software and firmware updates, so as to ensure the continued safety of already deployed routers in the U.S. and mitigate potential harm. "These include all software and firmware updates to ensure the continued functionality of the devices, such as those that patch vulnerabilities and facilitate compatibility with different operating systems," per the FCC.
APT phishing campaign
Operation GriefLure Targets Vietnam and the Philippines

A new state-sponsored threat cluster dubbed Operation GriefLure has been observed targeting Vietnam's telecom and the Philippines' healthcare sectors with a RAR archive distributed via spear-phishing emails to deploy a remote access trojan on compromised hosts, while leveraging credible decoy documents to give them a veneer of legitimacy and trust. The malware is capable of process enumeration, screenshot capture, file and directory listing, credential harvesting, and file execution.

JPEG PowerShell lure
Operation SilentCanvas Drops ScreenConnect for Remote Access

A multi-stage intrusion campaign has been observed leveraging a weaponized PowerShell payload disguised as a legitimate JPEG image file to deliver a trojanized instance of ConnectWise ScreenConnect for stealthy remote access. "The intrusion likely originated through social engineering techniques such as phishing emails, malicious attachments, deceptive file-sharing interactions, or fake update lures involving a malicious file named sysupdate.jpeg," CYFIRMA said. "The payload was specifically crafted to exploit user trust and bypass conventional file-extension validation mechanisms while blending malicious activity with legitimate enterprise software."

Aid-themed infostealer
Operation HumanitarianBait Drops Python Infostealer

A targeted cyber espionage campaign is leveraging social engineering and trusted infrastructure to establish persistent access to victim systems. The activity, which employs lure themes centred around humanitarian aid, is assessed to target Russian-speaking individuals or entities. "The attack is delivered via phishing emails containing a malicious LNK file disguised within a RAR archive, using a Russian humanitarian aid request form to exploit contextual trust," Cyble said.
"Execution triggers a stealthy, multi-stage infection chain in which a decoy document is presented to the user while a heavily obfuscated, fileless (PE-less) Python-based implant is silently deployed." The payload is retrieved from GitHub Releases, allowing the operator to blend in with legitimate enterprise activity. The implant operates as a "full-spectrum surveillance platform," facilitating credential harvesting, keystroke logging, clipboard and screenshot capture, sensitive data exfiltration, and covert remote access.

Ransomware-like file lock
New GhostLock Technique Blocks File Access

A new proof-of-concept (PoC) tool dubbed GhostLock, created by Kim Dvash of Israel Aerospace Industries, has revealed that it's possible for a domain user with read access to a file share to deny access to files without deploying any ransomware or requiring elevated privileges. "By calling CreateFileW with dwShareMode = 0x00000000 across a target share, a low-privileged user holds files in an exclusively locked state indefinitely," Dvash said. "Other clients receive STATUS_SHARING_VIOLATION (0xC0000043) on every access attempt. ERP systems fail. Workflow queues stall. The impact is indistinguishable from encrypted ransomware. The attack produces none of the signals that encrypted ransomware produces." The disruptive technique is not a vulnerability, but rather documented behavior required for data integrity. GhostLock affects "any organization running SMB-backed shared file infrastructure where users have standard domain credentials and network access to file shares."

AI scan false positives
Anthropic Mythos Finds Single Bug in cURL

cURL developer Daniel Stenberg said that a scan of the utility by Anthropic's Mythos model reported five "confirmed security vulnerabilities," of which one was a low-severity bug, while the rest were false positives.
"The single confirmed vulnerability is going to end up a severity low CVE planned to get published in sync with our pending next curl release 8.21.0 in late June," Stenberg said. "The flaw is not going to make anyone grasp for breath. All details of that vulnerability will of course not get public before then, so you need to hold out for details on that." Stenberg, however, acknowledged that artificial intelligence powered code analyzers are significantly better at finding security flaws and mistakes in source code than any traditional code analyzers.

Fraud intel pact
India Announces New Measures to Tackle Cyber-Enabled Financial Fraud

The Indian Cyber Crime Coordination Centre (I4C), along with the Ministry of Home Affairs and the Reserve Bank Innovation Hub (RBIH), has signed a Memorandum of Understanding (MoU) to "facilitate cooperation in the areas of fraud-risk intelligence sharing, analytical support, and operational coordination for strengthening proactive fraud detection and prevention mechanisms." The goal is to combat cyber-enabled financial fraud and curtail mule accounts across the banking and digital payments ecosystem.

OnlyFans ransomware lure
New Campaign Uses OnlyFans Lures to Drop crpx0 Ransomware

Attackers are enticing users seeking "free OnlyFans accounts" to download a seemingly harmless ZIP file that contains the crpx0 ransomware. The activity targets both Windows and macOS systems. "Inside that ZIP file is a small trick, a malicious shortcut disguised as something legitimate. When the user clicks it, it quietly executes hidden commands," Aryaka said. "A VBScript loader prepares the system and silently installs the components needed to run Python-based code. This is where the attack becomes more flexible. Rather than relying on a single static payload, the attackers now have a programmable environment. Once the Python script is running, it connects to a remote server."
The Python-based malware allows the attackers to send commands, update the malware, or deploy new payloads. This enables system profiling, clipboard hijacking to conduct cryptocurrency theft, seed phrase harvesting, and ransomware deployment.

ClickFix proxy access
New ClickFix Campaign Uses PySoxy

A new ClickFix campaign carried out via a compromised website has been observed using scheduled tasks for persistence and PySoxy, an open-source Python SOCKS5 proxy, to establish encrypted proxy access. "In the observed chain, one user-executed command led to persistence, domain reconnaissance, an initial PowerShell-based command-and-control (C2) channel, and a second C2 path thr