PAN-OS GlobalProtect actively exploited; Russian infrastructure dismantled; Linux kernel flaw

### Executive summary The briefing reports active exploitation of a Palo Alto PAN-OS GlobalProtect authentication bypass (CVE-2026-0257), a Linux kernel local root escalation (CIFSwitch), the dismantling of Russian-linked hosting infrastructure with arrests, abuse of ChatGPT share links to deliver malware, and multiple large data breaches (Carnival, Charter, 23andMe), and recommends urgent patching, monitoring, and containment measures.