Morning Overview on MSN

Palo Alto Networks just confirmed active exploitation of an authentication bypass in its GlobalProtect VPN — unpatched boxes now getting hit across the internet

Federal agencies have until June 1, 2026, to patch a critical authentication bypass in Palo Alto Networks’ GlobalProtect VPN, ...
The Hacker News

PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation

CVE-2026-0257 is being actively exploited on PAN-OS devices since May 17, 2026, enabling unauthorized VPN access and network exposure.

Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks

Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks.
Bleeping Computer

GlobalProtect VPN portals probed with 2.3 million scan sessions

Malicious scanning activity targeting Palo Alto Networks GlobalProtect VPN login portals has increased 40 times in 24 hours, indicating a coordinated campaign. Real-time intelligence company GreyNoise ...
Infosecurity-magazine.com

Palo Alto's GlobalProtect VPN Spoofed to Deliver New Malware Variant

Palo Alto Networks has observed that GlobalProtect, its virtual private network (VPN) software, was leveraged to deliver a new variant of the WikiLoader loader malware. In a report published on ...
Dark Reading

Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit

Attackers are exploiting a security vulnerability in Palo Alto Networks' PAN-OS GlobalProtect VPN technology that allows them to bypass authentication and gain VPN access without valid credentials. In ...
Infosecurity Magazine

Palo Alto Warns High-Severity Bug Is Being Actively Exploited

A leading security vendor has warned customers that attackers are actively exploiting a high-severity CVE in one of its ...