Ars Technica

Researchers wait 12 months to report vulnerability with 9.8 out of 10 severity rating

About 10,000 enterprise servers running Palo Alto Networks’ GlobalProtect VPN are vulnerable to a just-patched buffer overflow bug with a severity rating of 9.8 out of a possible 10. Security firm ...
Infosecurity-magazine.com

Palo Alto's GlobalProtect VPN Spoofed to Deliver New Malware Variant

Palo Alto Networks has observed that GlobalProtect, its virtual private network (VPN) software, was leveraged to deliver a new variant of the WikiLoader loader malware. In a report published on ...
CRN

Ingram Micro Attack Did Not Involve GlobalProtect VPN: Palo Alto Networks

The VPN was not ‘the source of the vulnerability or impacted’ in the ransomware attack against distribution giant Ingram Micro, Palo Alto Networks says. Reports connecting the GlobalProtect VPN system ...
Bleeping Computer

22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks

Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024-3400 flaw, a critical command injection vulnerability that has been actively exploited in ...