Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks

Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks.
Bleeping Computer

New NachoVPN attack uses rogue VPN servers to install malicious updates

A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. AmberWolf security researchers ...
heise online

Palo Alto Globalprotect: Malicious code weakness via weak certificate validation

Palo Alto Networks Globalprotect app is used to establish VPN connections. A vulnerability allows attackers to inject malicious code and install it on vulnerable computers with elevated privileges. In ...