Recent Palo Alto Networks Vulnerability Exploited for Weeks
Hackers began exploiting CVE-2026-0257, an authentication bypass in Palo Alto Networks PAN-OS, four days after public disclosure. The post Recent Palo Alto Networks Vulnerability Exploited for Weeks appeared first on SecurityWeek.
Threat actors began targeting an authentication bypass vulnerability in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS just four days after public disclosure, Rapid7 warns.
Tracked as CVE-2026-0257 (CVSS score of 7.8), the high-severity security defect allows attackers to bypass restrictions and establish VPN connections to vulnerable appliances.
Palo Alto Networks released fixes for the bug on May 13, noting that it affects firewalls with GlobalProtect portal or gateway enabled, under certain configurations.
Source: https://www.securityweek.com/recent-palo-alto-networks-vulnerability-exploited-for-weeks/
Related breach coverage
- Hackers Targeted PraisonAI Vulnerability Hours After Disclosure2026-05-14
The first exploitation attempts were observed less than four hours after the authentication bypass was publicly disclosed. The post Hackers Targeted PraisonAI Vulnerability Hours After Disclosure appeared first on SecurityWeek.
- Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking2026-05-21
CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code execution. The post Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking appeared first on SecurityWeek.
- CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers2026-05-31
CVE-2026-0257 lets attackers forge Palo Alto GlobalProtect auth cookies and bypass VPN login. Exploitation confirmed since May 17. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May 13. Two weeks later, cybersecurity firm Rapid7 confirmed active exploitation across multiple customer environments. The flaw impacts the GlobalProtect portal and gateway components of Palo Alto Networks PAN-OS […]
- Organizations Warned of Exploited Linux Kernel Vulnerability2026-06-03
An improper authentication bug allows attackers to escalate their privileges and escape containers. The post Organizations Warned of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek.