MSN on MSN

A Check Point VPN flaw rated 9.3 is already under attack, and CISA wants it patched

Attackers are already exploiting a severe flaw in Check Point VPN software that lets them bypass authentication entirely, and ...

Hackers Are Using Popular VPN to Breach Online Company Data in Pakistan

National CERT Pakistan has issued a high-severity cybersecurity advisory warning that attackers are actively exploiting a critical security vulnerability ...
latesthackingnews.com

Palo Alto’s GlobalProtect Authentication Bypass Was Exploited Four Days After Disclosure

CVE-2026-0257's GlobalProtect authentication bypass went from advisory to active exploitation in four days. The recurring ...
MSN on MSN

Hackers are breaking into corporate networks through a Palo Alto VPN flaw, forging login cookies to walk straight past the password screen

Attackers are exploiting a newly cataloged flaw in Palo Alto Networks GlobalProtect VPN software to forge authentication ...
The Hacker News

PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation

CVE-2026-0257 is being actively exploited on PAN-OS devices since May 17, 2026, enabling unauthorized VPN access and network exposure.
CSO Online

Check Point warns of ransomware-linked attacks exploiting outdated VPN protocol

Organizations that delayed retiring the legacy IKEv1 VPN protocol are now facing an actively exploited authentication bypass ...

Ransomware crims got a month-long head start on Check Point VPN 0-day that now has a fix

Check Point released an emergency fix on Monday for a critical authentication bypass vulnerability affecting its Remote ...
ZDNet

Some enterprise VPN apps store authentication/session cookies insecurely

At least four Virtual Private Network (VPN) applications sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC) ...
Network World

Using your Active Directory for VPN authentication on ASA

For a long time the only way to use Active Directory (AD) for VPN authentication and authorization was to use a RADIUS server such as Cisco ACS that could use AD as an external database. With the ...