TECH NEWS

Palo Alto VPN bug graduates from advisory to active exploitation

Rapid7: Attackers exploit authentication bypass flaw in the wild, meaning more emergency patching for PAN-OS users

Palo Alto customers are being been told to patch yet another internet-facing security flaw after researchers caught attackers bypassing GlobalProtect authentication and gaining unauthorized VPN access.

The flaw, tracked as CVE-2026-0257, affects PAN-OS deployments using GlobalProtect authentication override cookies under specific configurations.

Palo Alto disclosed the bug on May 13 and initially assigned it a medium-severity rating, saying it was aware of attempts to exploit it but had not observed any malicious exploitation.

That assessment has not aged well.

Security boffins at Rapid7 said they observed successful exploitation across multiple customer environments dating back to at least May 17 and validated the attack technique using its own proof-of-concept testing. Attackers established unauthorized VPN sessions on vulnerable systems, potentially granting access to internal corporate networks without legitimate credentials, it added.

Rapid7's analysis suggests the...

Copyright of this story solely belongs to theregister.com. To see the full text click HERE

Are Smart Bulbs More Expensive To Run Than Standard LEDs?

Do the benefits of features like dimming and scheduling make up for the constant energy draw needed for connectivity? We may receive a commission on purchases made from links. Smart bulbs have really caught on in recent years, and it's easy to see why. They are a breeze

Here's Your Daily Reminder That You Don't Own Digital Content

People in Europe will soon lose access to Studio Canal movies they paid for on the PlayStation Store. Sony has notified customers in a handful of European countries that they'll soon lose access to some movies that they've purchased through the PlayStation Store due to the

https://images.ctfassets.net/jdtwqhzvc2n1/5LGSLA7R28yeWuRev76Ial/a1f373359767487b9c6315ab18f28095/u7277289442_A_data_engineer_is_sitting_at_a_dashboard_with_ch_56764e66-764f-496b-bab2-2e7a...

Claude Code turned every engineer into three. Now companies need more product thinkers

Anthropic recently told its growth team to hire more product managers, not fewer. The reason, as reported in industry coverage, was that Claude Code had quietly turned its engineering org into a team that ships at roughly three times its actual headcount, and the bottleneck moved from the integrated development

https://image.cnbcfm.com/api/v1/image/108319954-1781127771079-gettyimages-2280313988-ag_knicks_game4_07.jpeg?v=1781127804&w=1920&h=1080

Sports clips' rise on platforms like YouTube has left broadcasters debating whether to use them to attract younger viewers or protect their subscription revenue

Sponsor Posts Fast, affordable law for startups — Soxton automates startup legal so founders can move faster and sleep better. We handle incorporation, advisor, employment and commercial contracts. Join the waitlist for early access! Stop vibe coding analytics — Equals AI turns questions about your business into auditable spreadsheet models and dashboards.

Read more

Are Smart Bulbs More Expensive To Run Than Standard LEDs?

Here's Your Daily Reminder That You Don't Own Digital Content

Claude Code turned every engineer into three. Now companies need more product thinkers

Sports clips' rise on platforms like YouTube has left broadcasters debating whether to use them to attract younger viewers or protect their subscription revenue