Palo Alto patches worrying security issue which could crash your firewall without logging in

A high-severity flaw was found in GlobalProtect Gateway and Portal ...
ZDNet

Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN

Researchers with cybersecurity firm Randori have discovered a remote code execution vulnerability in Palo Alto Networks firewalls using the GlobalProtect Portal VPN. The zero-day -- which has a ...
Dark Reading

Palo Alto Networks Does Not Fully Address Vulnerability in GlobalProtect SSL VPN Solution

Palo Alto Networks has published an advisory about its Palo Alto GlobalProtect SSL VPN solution which is used by many organizations. The advisory was a response to research carried out by Orange Tsai ...
Threat Post

Massive Zero-Day Hole Found in Palo Alto Security Appliances

UPDATE: Researchers have a working exploit for the vulnerability (now patched), which allows for unauthenticated RCE and affects what Palo Alto clarified is an estimated 10,000 VPN/firewalls.
Infosecurity-magazine.com

Palo Alto's GlobalProtect VPN Spoofed to Deliver New Malware Variant

Palo Alto Networks has observed that GlobalProtect, its virtual private network (VPN) software, was leveraged to deliver a new variant of the WikiLoader loader malware. In a report published on ...

Palo Alto Networks warns of DoS bug letting hackers disable firewalls

Palo Alto Networks patched a high-severity vulnerability that could allow unauthenticated attackers to disable firewall ...
Dark Reading

Warning: VPN Application Vulnerabilities Found

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert about enterprise-grade virtual private networks that points to a vulnerability ...