TECH NEWS

Palo Alto VPN bug graduates from advisory to active exploitation

Rapid7: Attackers exploit authentication bypass flaw in the wild, meaning more emergency patching for PAN-OS users

Palo Alto customers are being been told to patch yet another internet-facing security flaw after researchers caught attackers bypassing GlobalProtect authentication and gaining unauthorized VPN access.

The flaw, tracked as CVE-2026-0257, affects PAN-OS deployments using GlobalProtect authentication override cookies under specific configurations.

Palo Alto disclosed the bug on May 13 and initially assigned it a medium-severity rating, saying it was aware of attempts to exploit it but had not observed any malicious exploitation.

That assessment has not aged well.

Security boffins at Rapid7 said they observed successful exploitation across multiple customer environments dating back to at least May 17 and validated the attack technique using its own proof-of-concept testing. Attackers established unauthorized VPN sessions on vulnerable systems, potentially granting access to internal corporate networks without legitimate credentials, it added.

Rapid7's analysis suggests the...

Copyright of this story solely belongs to theregister.com. To see the full text click HERE

https://assets.newatlas.com/dims4/default/22fc7d1/2147483647/strip/true/crop/3996x2098+0+261/resize/1200x630!/quality/85/?url=https%3A%2F%2Fnewatlas-brightspot.s3.amazonaws.com%2F44%2F87%2...

We hung out with around 100 robots – and here are the bizarre highlights

Humanoids may be winning marathons and getting factory jobs, but after spending a few days with around 100 different robots of all shapes and sizes, one thing was clear: There's a chasm separating viral demonstration video and reality. At the recent InnoEX technology expo in Hong Kong, humanoids,

Therabody's Latest Recovery Tool Will Cost You $400 To Cool Your Palms

The CryoTherm Palm can switch between cold, heat and contrast therapy. Therabody is known for its massage guns that help with post-workout recovery, but its latest device gives you a little extra oomph during your exercise. According to Therabody, the CryoTherm Palm cools your hands in order to kick the

https://cdn.arstechnica.net/wp-content/uploads/2026/06/giles-TOP-1152x648.jpg

RIP Anthony Head: Our 10 favorite moments of Buffy's Giles

“The earth is doomed” Head’s true genius—and that of his character, Giles—lay in quietly filling in the gaps in every scene Credit: 20th Television/The WB On Friday, news broke of the passing of actor Anthony Head at 72, best known for his portrayal of Watcher/father

https://www.zdnet.com/a/img/resize/c20213dc974d2ad423d164df9fcbbbf5468b9bac/2026/06/04/5495cab1-4520-44fe-b9f9-157c658c7ee0/img-4703.jpg?auto=webp&fit=crop&height=675&width=1200

I drove with Apple CarPlay for over 25,000 miles last year - these apps were the most essential

Follow ZDNET: Add us as a preferred source on Google. ZDNET's key takeaways * CarPlay makes iPhone apps easier to use in the car. * Keep your focus on driving, not apps. * Most CarPlay apps mirror the apps on your iPhone. I like driving, which is a good thing since

Read more

We hung out with around 100 robots – and here are the bizarre highlights

Therabody's Latest Recovery Tool Will Cost You $400 To Cool Your Palms

RIP Anthony Head: Our 10 favorite moments of Buffy's Giles

I drove with Apple CarPlay for over 25,000 miles last year - these apps were the most essential