The team’s AI agent captured root privileges on the newly released Samsung S26 smartphone with Exynos 2600, marking the first post‑One UI 8 bootloader‑lock exploit, and demonstrated the vulnerability via a command‑wrapper app that runs entirely in the application context.
A detailed analysis of CVE‑2026‑0300 reveals how a nation‑backed group exploited a buffer‑overflow in PAN‑OS's Captive Portal to obtain root on Palo Alto firewalls, outlining the attack chain, affected versions, immediate mitigations, long‑term remediation, compliance impacts, and lessons learned.
Researchers dissect the DirtyPipe (CVE‑2022‑0847) Linux kernel flaw affecting Android, explaining its uninitialized flag bug in splice, the patch changes, and detailed exploitation techniques that modify read‑only .so files to achieve arbitrary writes, bypass SELinux, and ultimately obtain root privileges.
Researchers uncovered a 12‑year‑old vulnerability in Linux’s Polkit (CVE‑2021‑4034, dubbed PwnKit) that lets attackers exploit the pkexec utility to gain unrestricted root privileges on most major distributions, prompting urgent patching recommendations and mitigation steps for administrators.
