CISA Adds PAN-OS CVE-2026-0257 to KEV, Orders Fixes by June 1
Updated · The Hacker News · May 31
CISA added CVE-2026-0257 to its Known Exploited Vulnerabilities catalog and told federal civilian agencies to mitigate the PAN-OS flaw by June 1.
Palo Alto Networks said the bug, rated 7.8 in severity, lets attackers bypass GlobalProtect authentication and establish unauthorized VPN connections on affected PAN-OS and Prisma Access systems.
Rapid7 said it saw successful exploitation across numerous customers, with activity starting May 17 and a second wave on May 21; in two cases, attackers received VPN IP addresses and reached internal networks.
The flaw affects firewalls using the GlobalProtect portal or gateway when authentication override cookies are enabled with a specific certificate setup; Palo Alto urged patching or, as a temporary measure, disabling override cookies or rotating certificates.