MSN on MSN

Hackers are breaking into corporate networks through a Palo Alto VPN flaw, forging login cookies to walk straight past the password screen

Attackers are exploiting a newly cataloged flaw in Palo Alto Networks GlobalProtect VPN software to forge authentication cookies and connect to corporate networks without ever entering a password. The ...
The Hacker News

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw

Palo Alto says CVE-2026-0257 is being exploited to bypass PAN-OS GlobalProtect authentication and create unauthorized VPN ...
Morning Overview on MSN

Palo Alto Networks just confirmed active exploitation of an authentication bypass in its GlobalProtect VPN — unpatched boxes now getting hit across the internet

Federal agencies have until June 1, 2026, to patch a critical authentication bypass in Palo Alto Networks’ GlobalProtect VPN, and the clock started ticking on May 29. That is a three-day remediation ...
latesthackingnews.com

Palo Alto’s GlobalProtect Authentication Bypass Was Exploited Four Days After Disclosure

CVE-2026-0257's GlobalProtect authentication bypass went from advisory to active exploitation in four days. The recurring ...