ZYMP IT Security — May 13, 2026
Nation-State Actors Exploit Palo Alto PAN-OS Zero-Day for Weeks
GLOBAL
Palo Alto Networks has disclosed that nation-state actors exploited a zero-day vulnerability in PAN-OS software for several weeks before detection. The flaw, tracked as CVE-2026-0300, allowed attackers to gain root access to exposed firewalls and establish persistent access while hiding their traces. Security researchers identified multiple threat actor groups leveraging this vulnerability to target organizations across various sectors.
The attack involved sophisticated techniques to maintain access and evade detection. Palo Alto Networks has released emergency security patches and urged administrators of PAN-OS firewalls to apply updates immediately. The incident highlights the ongoing challenge of detecting zero-day exploits in critical network infrastructure before significant damage occurs.
Microsoft Patch Tuesday Fixes 120 Vulnerabilities Across Ecosystem
USA
Microsoft’s May 2026 Patch Tuesday addresses 120 vulnerabilities across Windows, Office, Azure, developer tools, and Microsoft 365 applications. The update includes 17 critical-rated vulnerabilities, with 14 allowing remote code execution. This month’s release focuses heavily on enterprise security, with no zero-day vulnerabilities disclosed in the wild.
Security experts recommend prioritizing patches for the critical remote code execution flaws, particularly those affecting widely deployed enterprise systems. Microsoft’s enterprise-focused approach reflects the growing importance of securing cloud and hybrid infrastructure against sophisticated threats targeting corporate environments.
Critical cPanel Vulnerability Exploited in Ransomware Campaigns
GLOBAL
A critical authentication vulnerability in cPanel, tracked as CVE-2026-41940, is being actively exploited by multiple threat actors to deploy ransomware and malware. Security researchers have observed campaigns using this flaw to install ransomware payloads, Mirai botnet malware, and steal sensitive data from compromised servers.
The vulnerability allows attackers to bypass authentication on vulnerable cPanel installations. cPanel has released security patches addressing the issue, and administrators are urged to update immediately. The widespread exploitation highlights the critical importance of promptly patching web hosting control panels used by millions of websites worldwide.
Critical GitHub Vulnerability Exposed Millions of Repositories
USA
A critical vulnerability in GitHub’s platform exposed millions of code repositories to potential unauthorized access. SecurityWeek reports that the flaw, which has since been patched, could have allowed attackers to access private repository data, potentially compromising intellectual property and sensitive code across numerous organizations.
GitHub addressed the vulnerability promptly and has notified affected users. The incident underscores the security challenges faced by large code-hosting platforms that serve as critical infrastructure for the global software development ecosystem. Organizations using GitHub are advised to review their repositories for signs of unauthorized access and implement additional security measures.
Nitrogen Ransomware Group Claims 8TB Data Theft from Foxconn
USA
The Nitrogen ransomware group has claimed responsibility for a significant data breach against Foxconn, alleging the theft of approximately 8TB of data. On May 11, 2026, the group published Foxconn on its leak site and released sample data to substantiate the claim. Cybersecurity analysts reviewing the samples identified files falling into three main categories.
The incident represents one of the largest claimed data thefts attributed to a ransomware operation in recent months. Foxconn has not yet publicly confirmed the breach or disclosed the nature of the compromised data. The attack highlights the ongoing threat ransomware groups pose to large multinational corporations and their supply chains.
ZY Media Productions