Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls

Palo Alto Networks is warning customers that a second vulnerability patched in February is being exploited in attacks.
The post Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls appeared first on SecurityWeek.
Continue reading Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls

Palo Alto Networks Confirms Exploitation of Firewall Vulnerability

Palo Alto Networks has confirmed that a recently patched firewall vulnerability tracked as CVE-2025-0108 is being actively exploited.
The post Palo Alto Networks Confirms Exploitation of Firewall Vulnerability appeared first on SecurityWeek.
Continue reading Palo Alto Networks Confirms Exploitation of Firewall Vulnerability

Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure

Attempts to exploit CVE-2024-0108, an authentication bypass vulnerability in Palo Alto firewalls, started one day after disclosure. 
The post Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure appeared first on SecurityWeek.
Continue reading Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure

Palo Alto Networks Patches Potentially Serious Firewall Vulnerability

Palo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability.
The post Palo Alto Networks Patches Potentially Serious Firewall Vulnerability appeared first on SecurityWeek.
Continue reading Palo Alto Networks Patches Potentially Serious Firewall Vulnerability

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for which has been made public. “Palo Alto Networks is no… Continue reading PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

48,000+ internet-facing Fortinet firewalls still open to attack

Despite last week’s confirmation of and warnings about long-standing exploitation of CVE-2024-55591, a critical vulnerability affecting Fortinet Fortigate firewalls, too many vulnerable devices are still accessible from the Internet and open to a… Continue reading 48,000+ internet-facing Fortinet firewalls still open to attack

Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?

A threat actor has leaked configuration files (aka configs) for over 15,000 Fortinet Fortigate firewalls and associated admin and user credentials. The collection has been leaked on Monday and publicized on an underground forum by the threat actor that… Continue reading Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?

Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)

Fortinet has patched an authentication bypass vulnerability (CVE-2024-55591) affecting its FortiOS firewalls and FortiProxy web gateways that has been exploited as a zero-day by attackers to compromise publicly-exposed FortiGate firewalls. While Fortin… Continue reading Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)