logo

Attackers are exploiting Palo Alto Networks defect that initially flew under the radar

ID: 5414eb53-cb45-5125-9b26-48d29872a5ba

STIX ID: report--5414eb53-cb45-5125-9b26-48d29872a5ba

Feed Name: CyberScoop

Threat Score
80/100

Date Published: 2026-06-01

Date Updated: 2026-06-04

Author: Matt Kapko

...
...

Researchers and vendors are responding to active exploitation of CVE-2026-0257, an authentication-bypass flaw in Palo Alto Networks firewalls that lets attackers forge authentication cookies to gain VPN access; Rapid7 observed multiple exploitation waves, Palo Alto escalated the severity and urged immediate patching, and CISA added the issue to its known exploited vulnerabilities catalog, though successful exploitation requires specific GlobalProtect configurations.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.