Palo Alto Networks News Articles

PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage

CVE-2026-0300 exploited after April 9 attempts enables PAN-OS RCE, leading to stealth espionage and lateral movement by April 29.

2 weeks ago

Palo Alto Networks Firewall Zero-Day RCE Vulnerability Exploited in the Wild Since April - IT Security News

A critical zero-day vulnerability in Palo Alto Networks PAN-OS software has been actively exploited by a likely state-sponsored threat actor since at least April 2026, the company revealed in a security advisory published on May 6, 2026. Tracked as CVE-2026-0300,…Read more →

2 weeks ago

State-sponsored hackers likely behind zero-day attacks on Palo Alto firewalls - Help Net Security

Palo Alto Networks says attacks leveraging zero-day vulnerability (CVE-2026-0300) in its firewalls are likely state sponsored.

2 weeks ago

Palo Alto Networks firewall zero-day exploited for nearly a month

Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS firewall zero-day vulnerability for nearly a month.

2 weeks ago

U.S. CISA adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog - IT Security News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in the Palo Alto Networks PAN-OS, tracked as CVE-2026-0300…Read more ...

2 weeks ago

Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking

Palo Alto Networks has shared information on the exploitation of the recent zero-day vulnerability affecting some of its firewalls.

2 weeks ago

Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls

Palo Alto Networks is working on patches for a critical PAN-OS zero-day that has been exploited to hack some of the company’s firewall models.

2 weeks ago

Palo Alto Networks Firewall Zero-Day Exploited in Active Attacks  | eSecurity Planet

Palo Alto Networks disclosed a critical PAN-OS firewall vulnerability that is being actively exploited.

2 weeks ago

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

CVE-2026-0300 exploited via public PAN-OS portal before May 13, 2026 patch, enabling root RCE on firewalls.

2 weeks ago

Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls - IT Security News

CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls. The post Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…Read more →

2 weeks ago

Critical Palo Alto Firewalls Vulnerability Exploited in the Wild to Gain Root Access - IT Security News

Palo Alto Networks has disclosed a critical buffer overflow vulnerability in PAN-OS software, tracked as CVE-2026-0300, that is already being actively exploited in the wild. The flaw carries a CVSS 4.0 score of 9.3 (CRITICAL) and allows unauthenticated attackers to…Read more →

2 weeks ago

Critical Palo Alto Firewalls Vulnerability Exploited in the Wild to Gain Root Access

Palo Alto Networks has disclosed a critical buffer overflow vulnerability in PAN-OS software, tracked as CVE-2026-0300, that is already being actively exploited in the wild.

2 weeks ago

ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

Digest: Claude hardens safety, CVE-2024-3400 scans surge, Drive blocks ransomware, CarPlay RCE persists.

CVE-2025-0133 Impact, Exploitability, and Mitigation Steps | Wiz

Understand the critical aspects of CVE-2025-0133 with a detailed vulnerability assessment, exploitation potential, affected technologies, and remediation guidance.

Critical Vulnerability in Palo Alto GlobalProtect Gateway & Portal Enables Remote Code Execution

Reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks’ GlobalProtect gateway and portal features (CVE-2025-0133) has been disclosed.

NodeZero: Testing for Exploitability of Palo Alto Networks CVE-2024-3400

On April 12 (and then updated again on April 20), Palo Alto Networks released an advisory about a vulnerability in the PAN-OS® software that runs Palo Alto Networks® Next-Generation Firewalls (NGFWs).

CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA

CISA has added two vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0108(link is external) Palo Alto PAN-OS Authentication Bypass...

H-ISAC TLP White Threat Bulletin Palo Alto PAN-OS Firewall Flaw CVE-2025-0111 Used in Exploit Chaining Attacks | AHA

Palo Alto recently disclosed that PAN-OS firewalls vulnerable to CVE-2025-0111 are being used in exploit chain attacks.

Palo Alto Networks vulnerabilities exploited in chained attack | Te...

Palo Alto Networks updated advisories for vulnerabilities CVE-2025-0111 and CVE-2025-0108 to warn customers of an exploit chain being used in attacks.

U.S. CISA adds Craft CMS and Palo Alto Networks PAN-OS flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Craft CMS and Palo Alto Networks PAN-OS vulnerabilities to its Known Exploited Vulnerabilities catalog.

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls

Palo Alto Networks is warning customers that a second vulnerability patched in February is being exploited in attacks.

Palo Alto confirms exploitation of critical vulnerability

Palo Alto strongly recommends that all organizations with Internet-facing PAN-OS administrator interfaces review configurations

Palo Alto warns another major firewall hack has been detected

Hackers are chaining three flaws to mount attacks on PAN-OS firewalls

Palo Alto Networks warns of active exploitation of PAN-OS firewall vulnerabilities

Palo Alto Networks has confirmed that multiple security vulnerabilities in its PAN-OS firewall software are being actively exploited.