Bleeping Computer

Fortinet VPN Client Exposes VPN Creds, Palo Alto Firewalls Allow Remote Attacks

It's been a bad week for two of the world's biggest vendors of enterprise hardware and software — Fortinet and Palo Alto Networks. Both companies fixed security issues this week affecting some of ...
Threat Post

Massive Zero-Day Hole Found in Palo Alto Security Appliances

UPDATE: Researchers have a working exploit for the vulnerability (now patched), which allows for unauthenticated RCE and affects what Palo Alto clarified is an estimated 10,000 VPN/firewalls.
ZDNet

Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN

Researchers with cybersecurity firm Randori have discovered a remote code execution vulnerability in Palo Alto Networks firewalls using the GlobalProtect Portal VPN. The zero-day -- which has a ...