PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026
Palo Alto Networks develops cybersecurity platforms and products whose vulnerabilities, advisories, and deployments can affect network and cloud security.
Search across headline titles and summaries.
Background for this topic.
Palo Alto Networks develops cybersecurity platforms for network firewalls, cloud and application security, secure remote access, endpoint protection, and security operations. Its firewalls commonly run PAN-OS, enforcing traffic and access policies, inspecting network activity, and collecting telemetry for detection and response.
For practitioners, advisories involving PAN-OS, firewall management interfaces, or remote-access gateways can require rapid exposure assessment, patching, configuration changes, and log review for signs of exploitation. Internet-facing management services and overly broad rules are important attack surfaces; a vulnerability may be more consequential when administrative access or sensitive inspection data is involved. Cloud and endpoint components add identity, API, agent, and data-handling dependencies, so updates should be tested across integrations and privileges. Security teams should validate fixes against asset inventories, monitor relevant indicators, and control access to retained telemetry where privacy or regulatory obligations apply.
Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026
Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS firewall zero-day vulnerability for nearly a month. [...]
Vendor Details Mitigations, Promises Patched PAN-OS Software in Coming WeeksPalo Alto Networks warned that a critical vulnerability in the PAN-OS software that runs its firewalls is being actively exploited in the wild by attackers. The vendor detailed temporary mitigations and promised to release updated software to fully patch the flaw later this month.
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks. [...]
Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been exploited in the wild
Smaller Cybersecurity Partners Get Opus 4.7 But Not Anthropic's Highest-Risk ModelAnthropic’s Project Glasswing gives CrowdStrike, Palo Alto Networks and Zscaler privileged access to Claude Mythos Preview, while smaller cybersecurity partners such as SentinelOne and TrendAI can only integrate with Anthropic's generally available Opus 4.7 model.