Palo Alto Networks News Articles

Palo Alto Networks vulnerabilities exploited in chained attack | Te...

Palo Alto Networks updated advisories for vulnerabilities CVE-2025-0111 and CVE-2025-0108 to warn customers of an exploit chain being used in attacks.

2 weeks ago

U.S. CISA adds Craft CMS and Palo Alto Networks PAN-OS flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Craft CMS and Palo Alto Networks PAN-OS vulnerabilities to its Known Exploited Vulnerabilities catalog.

2 weeks ago

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls

Palo Alto Networks is warning customers that a second vulnerability patched in February is being exploited in attacks.

2 weeks ago

Palo Alto confirms exploitation of critical vulnerability

Palo Alto strongly recommends that all organizations with Internet-facing PAN-OS administrator interfaces review configurations

3 weeks ago

Palo Alto warns another major firewall hack has been detected

Hackers are chaining three flaws to mount attacks on PAN-OS firewalls

3 weeks ago

Palo Alto Networks warns of active exploitation of PAN-OS firewall vulnerabilities

Palo Alto Networks has confirmed that multiple security vulnerabilities in its PAN-OS firewall software are being actively exploited.

3 weeks ago

Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks

Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls.

3 weeks ago

Patch Now: Palo Alto Flaw Exploited in the Wild

The authentication bypass vulnerability in the OS for the company's firewall devices is under increasing attack and being chained with other bugs, making it imperative for organizations to mitigate the issue ASAP.

3 weeks ago

Palo Alto Networks tags new firewall bug as exploited in attacks

Palo Alto Networks warns that hackers are actively exploiting a critical authentication bypass flaw (CVE-2025-0108) in PAN-OS firewalls, chaining it with two other vulnerabilities to breach devices in active attacks.

3 weeks ago

Palo Alto Warns of Hackers Combining Vulnerabilities to Compromise Firewalls

Palo Alto Networks has issued urgent warnings as cybersecurity researchers observe threat actors exploiting a combination of vulnerabilities in PAN-OS, the operating system powering its next-generation firewalls.

3 weeks ago

Attackers are chaining flaws to breach Palo Alto Networks firewalls - Help Net Security

Exploitation attempts targeting CVE-2025-0108, an auth bypass vulnerability affecting Palo Alto Networks' firewalls, are ramping up.

3 weeks ago

CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List

CISA warns of active exploitation of Palo Alto Networks and SonicWall vulnerabilities, requiring agencies to patch by March 11, 2025, to secure networ

3 weeks ago

Palo Alto warns firewalls flaws are under active attack

A flaw patched last week by Palo Alto Networks is now under active attack and, when chained with two older vulnerabilities, allows attackers to gain root access to affected systems. This story starts with...

3 weeks ago

Hackers gain root access to Palo Alto firewalls through chained bugs

A recently disclosed medium-severity bug was chained with critical, older bugs to gain root-level access to PAN firewall systems.

3 weeks ago

Palo Alto Networks PAN-OS flaw risks authentication bypass

The vulnerability stems from path confusion between Nginx and Apache components.

3 weeks ago

Palo Alto Networks PAN-OS vulnerability exploited in the wild | Tec...

Palo Alto Networks said PAN-OS authentication bypass vulnerability CVE-2025-0108 came under attack in the wild following publication of a PoC exploit.

3 weeks ago

Palo Alto Networks Confirms Exploitation of Firewall Vulnerability

Palo Alto Networks has confirmed that a recently patched firewall vulnerability tracked as CVE-2025-0108 is being actively exploited.

3 weeks ago

Hackers exploit authentication bypass in Palo Alto Networks PAN-OS

Hackers are launching attacks against Palo Alto Networks PAN-OS firewalls by exploiting a recently fixed vulnerability (CVE-2025-0108) that allows bypassing authentication.

3 weeks ago

Palo Alto PAN-OS: Exploit code for high-risk vulnerability has emerged

There are security gaps in the PAN-OS operating system for firewalls from Palo Alto Networks. Exploit code already exists for one of them.

3 weeks ago

Hackers Exploiting Newly Discovered PAN-OS Authentication Bypass Vulnerability

Threat actors actively exploit a new high-severity vulnerability, CVE-2025-0108, in Palo Alto Networks' PAN-OS.

3 weeks ago

Palo Alto PAN-OS 0-Day Vulnerability Let Attackers Bypass Web Interface Authentication

Palo Alto Networks has disclosed a critical vulnerability (CVE-2025-0108) in its PAN-OS software that could allow attackers to bypass authentication on the management web interface.

4 weeks ago

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) - Help Net Security

Palo Alto Networks has fixed a high-severity PAN-OS authentication bypass vulnerability (CVE-2025-0108), with a public PoC.

4 weeks ago

Nginx/Apache Path Confusion to Auth Bypass in PAN-OS (CVE-2025-0108) › Searchlight Cyber

Assetnote, now a searchlight cyber company, has uncovered a zero day auth bypass in the pan-os management interface new palo alto vulnerabilities discovered

4 weeks ago

Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software

Palo Alto Networks patches CVE-2025-0108, a PAN-OS flaw (CVSS 7.8) allowing authentication bypass. Update now.

4 weeks ago

Path Confusion in Nginx/Apache Leads to Critical Auth Bypass in PAN-OS

Palo Alto Networks has recently disclosed a critical vulnerability in its PAN-OS network security operating system, tracked as CVE-2025-0108.

4 weeks ago

Palo Alto Networks Patches Potentially Serious Firewall Vulnerability

Palo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability.

4 weeks ago

Assetnote Discovers Additional Critical Vulnerability (CVE-2025-0108) in Palo Alto Networks Management Interface PAN-OS

Assetnote QUEENSLAND, AUSTRALIA, February 12, 2025 /EINPresswire.com/ -- - Assetnote, a Searchlight Cyber company, has identified a new critical vulnerability in the Palo Alto Networks management interface, known as PAN-OS. This discovery comes shortly after Palo Alto Networks’ November 18th advisor...

4 weeks ago

PoC Exploit Released for Palo Alto Expedition Tool OS Command Injection Vulnerability

A recently disclosed vulnerability in Palo Alto Networks' Expedition tool has raised significant security concerns, as a proof-of-concept (PoC) exploit has been released for CVE-2025-0107.

Wiz Blog | Latest stories about Cloud Security

Guides, announcements, and articles about Cloud Security and the Wiz platform.

CISA Warning: Exploited Vulnerability In PAN-OS Versions

The vulnerability, identified as CVE-2024-3393, is classified as a Denial of Service (DoS) issue in the DNS Security feature of PAN-OS versions.

CISA Warns of Palo Alto Networks PAN-OS Vulnerability Exploited in Wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert on a critical vulnerability in Palo Alto Networks PAN-OS.

Palo Alto sounds alarm over PAN-OS zero-day attacks

Palo Alto Networks says that customer devices could be under threat from an actively-targeted critical security flaw

Palo Alto Networks Patches Firewall Zero-Day Exploited for DoS Attacks

Palo Alto Networks has patched CVE-2024-3393, a vulnerability that has been exploited for DoS attacks against the company’s firewalls.

PAN-OS DoS Flaw: Is Your Network at Risk? Learn How to Secure It Now!

PAN-OS DoS Flaw: Is Your Network at Risk? Learn How to Secure It Now! - Vulnerabilities - Information Security Newspaper | Hacking News

Hackers exploit DoS flaw to disable Palo Alto Networks firewalls

Palo Alto Networks is warning that hackers are exploiting the CVE-2024-3393 denial of service vulnerability to disable firewall protections by forcing it to reboot.

Palo Alto Releases Patch for PAN-OS DoS Flaw — Update Immediately

CVE-2024-3393, a critical PAN-OS flaw (CVSS 8.7), allows unauthenticated DoS attacks; update to the latest patches to secure firewalls.

2K Palo Alto un-patched firewalls hacked despite warnings

Shadowserver reports 2,000 firewalls were hacked just two days after CISA put the two PAN-OS bugs on the KEV catalog.

Post-Exploitation Activities on PAN-OS Devices: A Network-Based Analysis | Darktrace Blog

This blog investigates the network-based activity detected by Darktrace in compromises stemming from the exploitation of a vulnerability in Palo Alto Networks firewall devices, namely CVE-2024-3400.

Palo Alto Globalprotect: Malicious code weakness via weak certificate validation

A vulnerability in Palo Alto Networks Globalprotect VPN app allows attackers to completely compromise computers.

New VPN Attack Demonstrated Against Palo Alto Networks, SonicWall Products

Palo Alto Networks and SonicWall VPNs affected by vulnerabilities allowing remote code execution and privilege escalation.

Researchers reveal exploitable flaws in corporate VPN clients - Help Net Security

Vulnerabilities in Palo Alto Networks' (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients can be exploited to achieve RCE.

Cyberattacks on Palo Alto Networks firewall devices

Several security breaches were observed at companies from different industries in which firewall devices from Palo Alto Network were involved.

PaloAlto devices are under massive exploitation

Researchers from Shadowserver have revealed that approximately 2,000 Palo Alto Networks firewalls have been compromised leavaraging recently discovered zeroday bugs. namely  CVE-2024-0012 and CVE-2024-9474. This initial exploitation of the vulnerabilities has been named as “Operation Lunar Peek.” Pa...

Operation Lunar Peek: More Than 2,000 Palo Alto Network Firewalls Hacked

The Shadowserver Foundation say 2,000 Palo Alto Networks firewalls have been hacked via 2 0-day vulnerabilities: CVE-2024-0012 & CVE-2024-9474.

Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 2,000 Palo Alto Networks devices compromised in latest

Over 2,000 Palo Alto firewalls hacked using recently patched bugs

Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerabilities.

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

Palo Alto Networks urges fixes as 2,000 devices are hacked in exploits targeting critical flaws.

2,000 Palo Alto Networks devices compromised in latest attacks - Help Net Security

Attackers have compromised ~2,000 Palo Alto Networks firewalls by leveraging recently patched zero-days (CVE-2024-0012, CVE-2024-9474).

Palo Alto Tracking PAN-OS Authentication Bypass Exploitation Activity

Palo Alto Networks and Unit 42 are tracking a limited set of exploitation activities related to CVE-2024-0012 and are working with external researchers, partners, and customers to share information transparently and rapidly. An authentication bypass in Palo Alto Networks PAN-OS software enables an u...