Topics
Latest
AI
Amazon
Image Credits:David Paul Morris/Bloomberg / Getty Images
Apps
Biotech & Health
clime
Image Credits:David Paul Morris/Bloomberg / Getty Images
Cloud Computing
commercialism
Crypto
Enterprise
EVs
Fintech
Fundraising
widget
Gaming
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
Security
societal
Space
Startups
TikTok
Department of Transportation
Venture
More from TechCrunch
Events
Startup Battlefield
StrictlyVC
newssheet
Podcasts
Videos
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
U.S. cybersecurity giant Palo Alto Networks has warned that hackers are exploiting another exposure in its firewall software system to ruin into unpatched customer networks .
assailant are overwork a recently disclosed vulnerability in PAN - OS , the operating system that runs Palo Alto Networks firewalls , the California - based company confirmed on Tuesday .
Cybersecurity house Assetnotediscoveredthe exposure , track asCVE-2025 - 0108 , earlier this month while psychoanalyse two earlier Palo Alto firewall vulnerability that had been used in early onrush .
Palo Alto Networks released an advisory on the same day and pep up customer to desperately patch against the latest bug . The companyupdated its advisoryon Tuesday to admonish that the vulnerability is under fighting attack .
The troupe said malicious assailant are chain the exposure with two previously disclosed defect — CVE-2024 - 9474 and CVE-2025 - 0111 — to aim unpatched and unsecured PAN - OS connection management interface . CVE-2024 - 9474has been exploited in attacks since November 2024 , we previously reported .
Palo Alto Networks has n’t excuse how the three vulnerability are being chain together by hackers , but noted that the complexness of the onrush is “ low . ”
The shell of the development is not yet known , but menace tidings startup GreyNoisesaid in a web log poston Tuesday that it has observed 25 IP addresses actively exploit the PAN - OS vulnerability , up from two IP addresses on February 13 , suggesting an uptick in victimization activeness . The exploitation attempts have been flag by GreyNoise as “ malicious , ” suggesting that threat histrion are behind the victimisation rather than security measure researchers .
“ This gamy - severity flaw allow for unauthenticated assailant to put to death specific PHP scripts , potentially leading to unauthorized access to vulnerable systems , ” GreyNoise articulate .
GreyNoise says it has observed the highest levels of tone-beginning traffic in the U.S. , Germany , and the Netherlands .
It ’s not acknowledge who is behind these attacks , or whether any sensible data has been stolen from client ’ networks . Palo Alto Networks did not immediately reply to TechCrunch ’s questions .
CISA , the U.S. government ’s cybersecurity agency , added the latest Palo Alto bug toits publicly listed Known Exploited Vulnerabilities ( KEV ) catalogon Tuesday .
