Palo Alto Networks
-
Palo Alto says PAN-OS flaw is under active exploitation
Palo Alto Networks said a critical PAN-OS buffer overflow flaw is being exploited in the wild and can let unauthenticated attackers run code with root privileges on exposed firewalls.
-
Palo Alto Networks to acquire Koi in deal aimed at agentic AI security
Palo Alto Networks announced plans to buy Koi to address risks from agentic AI. Terms were not disclosed, but a report by Globes said the payment will be about 400 million dollars.
-
Palo Alto fixes GlobalProtect DoS flaw tracked as CVE-2026-0227
Palo Alto issued updates for a high-severity GlobalProtect denial-of-service flaw CVE-2026-0227 with CVSS 7.7 on Jan 15, 2026. A proof-of-concept exists and no workarounds are available.
-
Palo Alto Networks in talks to buy Israeli cybersecurity startup Koi for about $400 million
Palo Alto Networks is reported to be in talks to buy Israeli startup Koi for about $400 million. Koi, founded in 2024 and backed with $48 million, offers an AI driven supply chain security platform that protects over 500,000 endpoints.
-
AI agents flagged as new insider threat in 2026 by Palo Alto report
A Palo Alto Networks predictions report warns AI agents are a new insider threat in 2026 as Gartner forecasts 40 percent of enterprise apps will adopt task specific agents. The report highlights privilege risk, prompt injection and defensive uses.
-
Researchers report surge in scans targeting Palo Alto Networks login portals
GreyNoise reported a roughly 500% rise in IP addresses scanning Palo Alto Networks GlobalProtect and PAN-OS profiles, peaking at over 1,285 addresses on Oct. 3; GreyNoise classed most IPs as suspicious and also flagged separate Grafana exploitation attempts tied to CVE-2021-43798.
-
Palo Alto Networks says Salesforce data exposed in breach tied to Salesloft Drift supply-chain attack
Palo Alto Networks disclosed a data breach linked to a broader Salesloft Drift supply-chain attack that exposed customer data in its Salesforce CRM. The incident involved OAuth token abuse, mass exfiltration of Salesforce records, and credential harvesting, prompting token revocation, Drift disablement, and guidance for customers to review logs and rotate secrets.
