Palo Alto Networks News Articles
Recent news articles refferecing the vendors vulnerabilities.
CybersecurityNewsCVE-2025-0107PoC Exploit Released for Palo Alto Expedition Tool OS Command Injection Vulnerability
A recently disclosed vulnerability in Palo Alto Networks' Expedition tool has raised significant security concerns, as a proof-of-concept (PoC) exploit has been released for CVE-2025-0107.
3 weeks ago
wiz.ioCVE-2024-0012Wiz Blog | Latest stories about Cloud Security
Guides, announcements, and articles about Cloud Security and the Wiz platform.
1 month ago
GBHackers NewsCVE-2024-3393CISA Warns of Palo Alto Networks PAN-OS Vulnerability Exploited in Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert on a critical vulnerability in Palo Alto Networks PAN-OS.
1 month ago
Palo Alto sounds alarm over PAN-OS zero-day attacks
Palo Alto Networks says that customer devices could be under threat from an actively-targeted critical security flaw
1 month ago
Palo Alto Networks Patches Firewall Zero-Day Exploited for DoS Attacks
Palo Alto Networks has patched CVE-2024-3393, a vulnerability that has been exploited for DoS attacks against the company’s firewalls.
1 month ago
Information Security NewspaperCVE-2024-3393PAN-OS DoS Flaw: Is Your Network at Risk? Learn How to Secure It Now!
PAN-OS DoS Flaw: Is Your Network at Risk? Learn How to Secure It Now! - Vulnerabilities - Information Security Newspaper | Hacking News
1 month ago
Hackers exploit DoS flaw to disable Palo Alto Networks firewalls
Palo Alto Networks is warning that hackers are exploiting the CVE-2024-3393 denial of service vulnerability to disable firewall protections by forcing it to reboot.
1 month ago
The Hacker NewsCVE-2024-3393Palo Alto Releases Patch for PAN-OS DoS Flaw — Update Immediately
CVE-2024-3393, a critical PAN-OS flaw (CVSS 8.7), allows unauthenticated DoS attacks; update to the latest patches to secure firewalls.
1 month ago
2K Palo Alto un-patched firewalls hacked despite warnings
Shadowserver reports 2,000 firewalls were hacked just two days after CISA put the two PAN-OS bugs on the KEV catalog.
2 months ago
DarktraceCVE-2024-3400Post-Exploitation Activities on PAN-OS Devices: A Network-Based Analysis | Darktrace Blog
This blog investigates the network-based activity detected by Darktrace in compromises stemming from the exploitation of a vulnerability in Palo Alto Networks firewall devices, namely CVE-2024-3400.
2 months ago
Palo Alto Globalprotect: Malicious code weakness via weak certificate validation
A vulnerability in Palo Alto Networks Globalprotect VPN app allows attackers to completely compromise computers.
2 months ago
New VPN Attack Demonstrated Against Palo Alto Networks, SonicWall Products
Palo Alto Networks and SonicWall VPNs affected by vulnerabilities allowing remote code execution and privilege escalation.
2 months ago
Researchers reveal exploitable flaws in corporate VPN clients - Help Net Security
Vulnerabilities in Palo Alto Networks' (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients can be exploited to achieve RCE.
2 months ago
it-dailyCyberattacks on Palo Alto Networks firewall devices
Several security breaches were observed at companies from different industries in which firewall devices from Palo Alto Network were involved.
2 months ago
TheCyberThronePaloAlto devices are under massive exploitation
Researchers from Shadowserver have revealed that approximately 2,000 Palo Alto Networks firewalls have been compromised leavaraging recently discovered zeroday bugs. namely CVE-2024-0012 and CVE-2024-9474. This initial exploitation of the vulnerabilities has been named as “Operation Lunar Peek.” Pa...
2 months ago
HackreadOperation Lunar Peek: More Than 2,000 Palo Alto Network Firewalls Hacked
The Shadowserver Foundation say 2,000 Palo Alto Networks firewalls have been hacked via 2 0-day vulnerabilities: CVE-2024-0012 & CVE-2024-9474.
2 months ago
Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified - Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 2,000 Palo Alto Networks devices compromised in latest
2 months ago
Over 2,000 Palo Alto firewalls hacked using recently patched bugs
Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerabilities.
2 months ago
The Hacker NewsWarning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign
Palo Alto Networks urges fixes as 2,000 devices are hacked in exploits targeting critical flaws.
2 months ago
2,000 Palo Alto Networks devices compromised in latest attacks - Help Net Security
Attackers have compromised ~2,000 Palo Alto Networks firewalls by leveraging recently patched zero-days (CVE-2024-0012, CVE-2024-9474).
2 months ago
Australian Cyber Security MagazineCVE-2024-0012Palo Alto Tracking PAN-OS Authentication Bypass Exploitation Activity
Palo Alto Networks and Unit 42 are tracking a limited set of exploitation activities related to CVE-2024-0012 and are working with external researchers, partners, and customers to share information transparently and rapidly. An authentication bypass in Palo Alto Networks PAN-OS software enables an u...
3 months ago
The RegisterPalo Alto Networks patches firewall-busting zero-days
Palo Alto Networks (PAN) finally released a CVE identifier and patch for the zero-day exploit that caused such a fuss last week. The vendor dropped details of two vulnerabilities exploited as zero-days. The...
3 months ago
watchTowr Labs - BlogPots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474
Note: Since this is 'breaking' news and more details are being released, we're updating this post as more details become available (and as we think of better memes). Mash that F5 key every so often for a better blogpost experience! It's no big news that threat actors just love popping
3 months ago
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474) - Help Net Security
Palo Alto Networks fixes two actively exploited zero-day vulnerabilities (CVE-2024-0012, CVE-2024-9474) in its next-generation firewalls.
3 months ago
Palo Alto Networks patches two firewall zero-days used in attacks
Palo Alto Networks has finally released security updates for an actively exploited zero-day vulnerability in its Next-Generation Firewalls (NGFW).
3 months ago
Palo Alto Reports Two More Bugs In PAN-OS Being Exploited
Palo Alto Networks has confirmed the availability of patches to address these issues and said it is "tracking a limited set of exploitation activity" of these PAN-OS vulnerabilities.
3 months ago
Palo Alto Reports Two More Bugs In PAN-OS Being Exploited
Palo Alto Networks has confirmed the availability of patches to address these issues and said it is "tracking a limited set of exploitation activity" of these PAN-OS vulnerabilities.
3 months ago
Palo Alto NetworksCVE-2024-0012Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012
We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting specific versions of PAN-OS software, and include protections and mitigations. We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting s...
3 months ago
Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) - Help Net Security
Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks' Expedition.
3 months ago
CISA adds two more vulnerabilities in Palo Alto Networks tools to exploited catalogue
CISA expands Known Exploited Vulnerabilities Catalogue with two newly identified vulnerabilities in Palo Alto Networks' Expedition tool.
3 months ago
CISA Warns of Actors Exploiting Two Palo Alto Networks Vulnerabilities
CISA has issued an urgent alert and added two new vulnerabilities related to Palo Alto Networks to its Known Exploited Vulnerabilities Catalog.
3 months ago
CISA warns of more Palo Alto Networks bugs exploited in attacks
CISA warned today that two more critical security vulnerabilities in Palo Alto Networks' Expedition migration tool are now actively exploited in attacks.
3 months ago
Palo Alto Networks warns of potential PAN-OS RCE vulnerability
Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability in the PAN-OS management interface.
3 months ago
Help Net SecurityCVE-2024-5910Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910) - Help Net Security
A vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition, a firewall configuration migration tool, is being exploited by attackers.
3 months ago
The Cyber ExpressCVE-2024-5910CISA Says Palo Alto's CVE-2024-5910 Under Active Exploit
The U.S. CISA issued an urgent alert regarding an actively exploited vulnerability - CVE-2024-5910 in Palo Alto Networks' Expedition tool.
3 months ago
The Cyber ExpressCVE-2024-5910CISA Says Palo Alto's CVE-2024-5910 Under Active Exploit
The U.S. CISA issued an urgent alert regarding an actively exploited vulnerability - CVE-2024-5910 in Palo Alto Networks' Expedition tool.
3 months ago
The StackCISA: Critical Palo Alto Networks vulnerability exploited in the wild
Expedition, a migration tool, hit by bug that could allow attackers with network access to "access secrets, credentials, and other data".
3 months ago
Cyber Security NewsCVE-2024-5910CISA Warns of Palo Alto & Android Vulnerabilities Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent warnings regarding two critical vulnerabilities currently being exploited in the wild.
3 months ago
GBHackers NewsCVE-2024-5910CISA warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of a critical vulnerability in Palo Alto Networks’ Expedition tool, which could lead to severe security breaches. The vulnerability, CVE-2024-5910, is classified as a “Missing Authentication” flaw that potentially a...
3 months ago
Palo Alto Networks Expedition Vulnerability Exploited in Attacks, CISA Warns
CISA has added a Palo Alto Networks Expedition flaw tracked as CVE-2024-5910 to its Known Exploited Vulnerabilities Catalog.
3 months ago
CISA warns of critical Palo Alto Networks bug exploited in attacks
Today, CISA warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration from Checkpoint, Cisco, and other vendors to PAN-OS.
3 months ago
6.2K Palo Alto firewalls still at risk as exploits increase
Proof-of-concept exploits for CVE-2024-3400 are now publicly available.
3 months ago
3 Critical CVEs in Palo Alto Networks Expedition | Wiz Blog
Urgent: Multiple critical vulnerabilities in Palo Alto Expedition require immediate patching. Learn about CVE-2024-9463 to CVE-2024-9467 and mitigation steps.
4 months ago
prophaze.comCVE-2024-9463CVE-2024-9463 : PALO ALTO EXPEDITION UP TO 1.2.95 DEVICE CONFIGURATION OS COMMAND INJECTION - Cloud WAF
CVE-2024-9463 : An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition.
4 months ago
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
CISA flags a critical Fortinet flaw under active exploitation. Palo Alto Networks and Cisco also release urgent security patches.
4 months ago
Palo Alto Networks warns of firewall hijack bugs with public exploit
Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls.
4 months ago
CERT-IN Warns About Vulnerabilities In Palo Alto Networks
CERT-IN has issued advisories regarding critical vulnerabilities in Palo Alto Networks applications. Users are urged to update to mitigate these risks.
5 months ago
Palo Alto NetworksCVE-2024-3400Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 (Updated May 20)
We detail Operation MidnightEclipse, a campaign exploiting command injection vulnerability CVE-2024-3400, and include protections and mitigations.
6 months ago