#pan-os
5 stories taggedpan-os.

CISA Orders Federal Agencies to Patch Palo Alto Firewall Flaw Being Exploited Now
A misconfigured URL filtering setting in Palo Alto Networks firewall software is letting attackers weaponise the firewalls themselves — turning them into unwitting cannons pointed at other targets.

Palo Alto Confirms In-the-Wild Abuse of GlobalProtect Auth Bypass (CVE-2026-0257)
An unknown actor is exploiting a 7.8-rated authentication bypass in PAN-OS portals and gateways to slip past GlobalProtect logins.

CVE-2026-0257: Palo Alto GlobalProtect Authentication Bypass Hit in the Wild Within Days of Disclosure
A credential-less VPN session forgery flaw in PAN-OS moved from 'medium severity, no known exploitation' to CISA's KEV catalog in sixteen days. Federal agencies had 72 hours to patch.

Weekly Recap: Linux Privilege Flaw, PAN-OS Exploitation, and OAuth Phishing Surge
A patchy Monday across auth paths, repos, and dev tooling — with regulators watching the disclosure clock.

Palo Alto GlobalProtect Auth Bypass Hits Live Exploitation
CVE-2026-0257 lets attackers stand up unauthorized VPN sessions against PAN-OS and Prisma Access. Patches are out. So are the exploits.