Thousands of Palo Alto Firewalls Breached in Exploit Campaign
Approximately 2,000 Palo Alto Networks firewalls have been compromised due to two newly discovered vulnerabilities, CVE-2024-0012 and CVE-2024-9474, which allow attackers to gain unauthorized access and root privileges. Despite a decrease in internet-exposed interfaces, the Shadowserver Foundation reports significant exploitation, primarily in the US and India. Palo Alto Networks has released patches and shared indicators of compromise to help mitigate the threat, while emphasizing that most customers follow best practices to secure their systems.