Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks.

Palo Alto says CVE-2026-0257 is being exploited to bypass PAN-OS GlobalProtect authentication and create unauthorized VPN ...

CVE-2026-0257's GlobalProtect authentication bypass went from advisory to active exploitation in four days. The recurring ...

CVE-2026-0257 is being actively exploited on PAN-OS devices since May 17, 2026, enabling unauthorized VPN access and network exposure.

Attackers are exploiting a newly cataloged flaw in Palo Alto Networks GlobalProtect VPN software to forge authentication ...

Organizations relying on Palo Alto Networks' GlobalProtect VPN for secure remote access should stay vigilant for any signs of a security breach. In recent weeks, there has been a sharp spike in ...

Federal agencies have until June 1, 2026, to patch a critical authentication bypass in Palo Alto Networks’ GlobalProtect VPN, and the clock started ticking on May 29. That is a three-day remediation ...

The credential-less authentication bypass offers attackers a stealthy route into enterprise networks without malware, phishing, or stolen credentials.

Palo Alto Networks has published an advisory about its Palo Alto GlobalProtect SSL VPN solution which is used by many organizations. The advisory was a response to research carried out by Orange Tsai ...

A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. AmberWolf security researchers ...

The VPN was not ‘the source of the vulnerability or impacted’ in the ransomware attack against distribution giant Ingram Micro, Palo Alto Networks says. Reports connecting the GlobalProtect VPN system ...