As many as 2,000 of these Palo Alto Networks gizmos might've gotten hacked because some sneaky folks found out about some new security issues. The Shadowserver Foundation, which is like the cool kids' club for internet watchdogs, said that more than half of these hacked things are in the U.S., with 554 of them, and India's not too far behind with 461. It's like a hacking contest with countries as the contestants!
This all started because some peeps at Censys spotted over 13,000 of these firewall management doodads that anyone could see if they looked hard enough. But don't worry, not all of them are in trouble, just some. The bugs that are causing all this ruckus, CVE-2024-0012 and CVE-2024-9474, are like a VIP pass for the bad guys to mess around with the settings and even run their own shady programs.
Palo Alto Networks is keeping an eye on this whole thing and calling it Operation Lunar Peek, which sounds like something out of a sci-fi movie. They're saying that these flaws are basically giving the hackers free rein to do whatever they want, like planting those pesky computer viruses called PHP-based web shells.
These hackers are getting pretty crafty, too. They're using both manual and robotic ways to look for these vulnerable gadgets. So, Palo Alto Networks is saying everyone should patch them up real quick, like slapping a Band-Aid on a skinned knee. It's super important to only let the cool, trustworthy peeps from your school's Wi-Fi to mess with them, and definitely not let anyone from the outside internet play around.
This is like when your friend tells you about a secret glitch in a video game, and you rush to patch it before everyone else finds out. Except, it's for real-life internet security, and way more serious than getting all the loot before the game updates.