Attackers are exploiting Palo Alto Networks defect that initially flew under the radar | CyberScoop<\/title> <meta name=\"description\" content=\"The escalated threat posed by the defect showcases how quickly a seemingly mild vulnerability can turn into an urgent warning.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/palo-alto-networks-cve-2026-0257-exploited-vulnerability\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Attackers are exploiting Palo Alto Networks defect that initially flew under the radar\"> <meta property=\"og:description\" content=\"The escalated threat posed by the defect showcases how quickly a seemingly mild vulnerability can turn into an urgent warning.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/palo-alto-networks-cve-2026-0257-exploited-vulnerability\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2026-06-01T22:29:42+00:00\"> <meta property=\"article:modified_time\" content=\"2026-06-01T22:29:45+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-4.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Matt Kapko\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1778775768g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1780345453g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1775068334g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/89242\"><meta name=\"generator\" content=\"WordPress 6.8.5\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=89242\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fpalo-alto-networks-cve-2026-0257-exploited-vulnerability%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fpalo-alto-networks-cve-2026-0257-exploited-vulnerability%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-89242 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/palo-alto-networks-cve-2026-0257-exploited-vulnerability\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.674908424908\">\n<div class=\"single-article__header-content\" readability=\"34.477611940299\">\n<p> The escalated threat posed by the defect showcases how quickly a seemingly mild vulnerability can turn into an urgent warning. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/89242\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-4.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-4.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-4.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-4.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-4.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-4.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-4.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-4.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-4.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-4.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> Palo Alto Networks headquarters in Silicon Valley; Palo Alto Networks, Inc. is an American multinational cyber security company. (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"44.632000832813\"><body readability=\"92.963800904977\"><\/p>\n<p>Researchers and threat hunters are scrambling to respond to an actively exploited authentication-bypass vulnerability affecting Palo Alto Networks customers\u2019 firewalls. <\/p>\n<p>The company initially tagged <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2026-0257\">CVE-2026-0257<\/a> with a medium-severity rating when it <a href=\"https:\/\/security.paloaltonetworks.com\/CVE-2026-0257\">disclosed the defect<\/a> May 13, but quickly reassessed it as critical after Rapid7 observed and confirmed active exploitation in the wild. The Cybersecurity and Infrastructure Security Agency followed suit, and added the vulnerability to its <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2026\/05\/29\/cisa-adds-one-known-exploited-vulnerability-catalog\">known exploited vulnerabilities catalog<\/a> Friday.<\/p>\n<p>The escalated threat posed by the defect, which allows remote attackers to bypass security restrictions and establish a VPN connection to an affected firewall, showcases how quickly a seemingly mild vulnerability can turn into an urgent warning. <\/p>\n<p>\u201cPalo Alto Networks is actively monitoring limited exploitation attempts targeting CVE-2026-0257 on unpatched PAN-OS devices where mitigations have not been applied,\u201d a company spokesperson said in a statement. The company on Friday urged all customers to immediately apply the patch or follow its recommended steps for mitigation. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The vendor and Rapid7, which first observed exploitation May 17 in a customer environment, declined to say how many organizations are impacted thus far. Yet, Douglas McKee, director of vulnerability intelligence at Rapid7, warned: \u201cWe\u2019ve continued to see new victims roll in, including a couple of customers hit within just an hour of each other during a second wave of activity\u201d on May 21. <\/p>\n<p>Jake Knott, security researcher at watchTowr, told CyberScoop the vulnerability and resulting exploits follows a recurring trend wherein attackers target exposed network edge devices and rapidly identify, develop and weaponize exploits for initial access. <\/p>\n<p>\u201cThis is yet another authentication bypass on a device whose sole job is to guard the front door to an organization\u2019s network,\u201d he said. \u201cWhat stands out is how simple it is \u2014 an attacker can forge a valid authentication cookie using nothing more than the appliance\u2019s publicly available TLS certificate. The entire exploit is a single HTTP request.\u201d<\/p>\n<p>The vulnerability has a few requisites that limit exposure, specifically posing risk to some Palo Alto Networks customers running GlobalProtect portal or gateway configured to enable authentication override cookies. <\/p>\n<p>\u201cThe cookie encryption and decryption certificate must be reused with another feature, which potentially exposes the public key for that certificate,\u201d said Caitlin Condon, vice president of security research at VulnCheck.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cIt\u2019s difficult to say how many deployments meet those criteria for exploitability, but Palo Alto Networks firewalls have a very large footprint, which means even uncommon configurations can present significant attack surface area,\u201d she added.<\/p>\n<p>Rapid7 said the same attacker or group is likely responsible for both waves of exploitation last month, but in many cases attackers are not establishing a full VPN connection or moving to other parts of the impacted network. <\/p>\n<p>The attackers are \u201chighly opportunistic and clearly monitor the security research community,\u201d McKee said. \u201cAttackers are purposefully weaponizing medium-severity vulnerabilities, which are typically lower priority or blind spots for organizations.\u201d<\/p>\n<p>Multiple threat clusters are swarming to the opportunity and quickly adapting to <a href=\"https:\/\/www.rapid7.com\/blog\/post\/etr-rapid7-observed-exploitation-of-pan-os-globalprotect-authentication-bypass-vulnerability-cve-2026-0257\/\">published research<\/a>. Researchers have not attributed the malicious activity to any specific threat groups. <\/p>\n<p>\u201cTheir exact origins and long-term objectives remain unclear, as they currently seem focused purely on opportunistic initial access rather than targeted, long-term espionage,\u201d McKee said. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Palo Alto Networks said it discovered the vulnerability internally through its use of frontier AI tools. Yet, within days of its public disclosure, initial assessments were proven inadequate.<\/p>\n<p>\u201cThis is a pattern we continue to see \u2014 the urgency only arrives after exploitation is underway,\u201d Knott said. \u201cOrganizations that wait for confirmation of active exploitation before patching will consistently find themselves reacting too late.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.0074626865672\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-1.jpg?w=640&ssl=1\" alt=\"Matt Kapko\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Kapko<\/h4>\n<p> Matt Kapko is a reporter at CyberScoop. His beat includes cybercrime, ransomware, software defects and vulnerability (mis)management. The lifelong Californian started his journalism career in 2001 with previous stops at Cybersecurity Dive, CIO, SDxCentral and RCR Wireless News. Matt has a degree in journalism and history from Humboldt State University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/palo-alto-networks-cve-2026-0257-exploited-vulnerability\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Attackers are exploiting Palo Alto Networks defect that initially flew<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[282,78,452,2182,2659,3119,3297,715,6577,3353,256,288,4136,2281,703,2390,5199],"tags":[286,86,454,2185,2661,3120,3298,720,6578,3357,262,294,4140,2283,705,2394,5200],"class_list":["post-8704","post","type-post","status-publish","format-standard","hentry","category-cybercrime","category-cybersecurity","category-cybersecurity-and-infrastructure-security-agency-cisa","category-edge-devices","category-exploit","category-firewall","category-firewalls","category-palo-alto-networks","category-pan-os","category-rapid7","category-research","category-threats","category-vulncheck","category-vulnerability","category-vulnerability-disclosure","category-vulnerability-management","category-watchtowr","tag-cybercrime","tag-cybersecurity","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-edge-devices","tag-exploit","tag-firewall","tag-firewalls","tag-palo-alto-networks","tag-pan-os","tag-rapid7","tag-research","tag-threats","tag-vulncheck","tag-vulnerability","tag-vulnerability-disclosure","tag-vulnerability-management","tag-watchtowr"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/edge-devices\/\" rel=\"category tag\">edge devices<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/exploit\/\" rel=\"category tag\">exploit<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/firewall\/\" rel=\"category tag\">firewall<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/firewalls\/\" rel=\"category tag\">firewalls<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/palo-alto-networks\/\" rel=\"category tag\">Palo Alto Networks<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/pan-os\/\" rel=\"category tag\">PAN-OS<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/rapid7\/\" rel=\"category tag\">Rapid7<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulncheck\/\" rel=\"category tag\">VulnCheck<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerability\/\" rel=\"category tag\">vulnerability<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerability-disclosure\/\" rel=\"category tag\">vulnerability disclosure<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerability-management\/\" rel=\"category tag\">Vulnerability Management<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/watchtowr\/\" rel=\"category tag\">watchTowr<\/a>","tag_info":"watchTowr","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8704","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8704"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8704\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8704"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8704"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8704"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":8704,"date":"2026-06-01T17:29:42","date_gmt":"2026-06-01T22:29:42","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=89242"},"modified":"2026-06-01T17:29:42","modified_gmt":"2026-06-01T22:29:42","slug":"attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-2","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2026\/06\/01\/attackers-are-exploiting-palo-alto-networks-defect-that-initially-flew-under-the-radar-2\/","title":{"rendered":"Attackers are exploiting Palo Alto Networks defect that initially flew under the radar"},"content":{"rendered":"