CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers

Related breach coverage

• U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog
  2026-06-01

  U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2026-0257 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May […]

• Recent Palo Alto Networks Vulnerability Exploited for Weeks
  2026-06-01

  Hackers began exploiting CVE-2026-0257, an authentication bypass in Palo Alto Networks PAN-OS, four days after public disclosure. The post Recent Palo Alto Networks Vulnerability Exploited for Weeks appeared first on SecurityWeek.

• U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog
  2026-06-02

  U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2024-21182 (CVSS score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2024-21182 flaw is an easily exploitable vulnerability affecting Oracle WebLogic […]

• Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.
  2026-05-27

  A critical vulnerability, tracked as CVE-2026-45659, in Microsoft SharePoint can allow attackers to achieve remote code execution with little effort. Microsoft released security updates to patch a high-severity SharePoint vulnerability, tracked as CVE-2026-45659 (CVSS score of 8.8), that could allow remote code execution. The flaw does not require complex conditions for exploitation, making it a […]