Authentication bypass vulnerabilities (CVE-2026-0257) in Palo Alto Networks’ firewalls that the company disclosed on May 13 have been targeted in “limited exploit attempts”. “Across multiple customers, Rapid7 observed successful exploitation via authentication probes using forged cookies, but the appliance accepted the cookie without a full VPN session being established in 8 out of 10 impacted [Managed Detection Response] customers.” The good news, though, is that the company hasn’t observed any indication of successful lateral movement … More →
The post Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257) appeared first on Help Net Security.