Security News

Palo Alto Networks warns that hackers are actively exploiting a critical authentication bypass flaw (CVE-2025-0108) in PAN-OS firewalls, chaining it with two other vulnerabilities to breach...

Exploitation attempts targeting CVE-2025-0108, a recently disclosed authentication bypass vulnerability affecting the management web interface of Palo Alto Networks’ firewalls, are ramping up....

If you want to avoid urgent patches, stop exposing management consoles to the public internet A flaw patched last week by Palo Alto Networks is now under active attack and, when chained with two...

Roses are red, violets are blue, CVE-2024-53704 is perfect for a ransomware crew Miscreants are actively abusing a high-severity authentication bypass bug in unpatched internet-facing SonicWall...

Attackers are now targeting an authentication bypass vulnerability affecting SonicWall firewalls shortly after the release of proof-of-concept (PoC) exploit code. [...]

Limited-edition hotfix to get wider release before end of month Administrators of Palo Alto Networks' firewalls have complained the equipment falls over unexpectedly, and while a fix has bee...

Fortinet has disclosed a second authentication bypass vulnerability that was fixed as part of a January 2025 update for FortiOS and FortiProxy devices. [...]

Fortinet warned today that attackers are exploiting another authentication bypass zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. [...]

Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the...

Over twelve thousand GFI KerioControl firewall instances are exposed to a critical remote code execution vulnerability tracked as CVE-2024-52875. [...]