GreyNoise observed a spike in scanning throughout March 2025 Thousands of IP addresses were scanning PAN-OS GlobalProtect ...

A significant spike in scanning activity targeting Palo Alto Network GlobalProtect login portals has been observed, with ...

GreyNoise warns of a coordinated effort probing the internet for potentially vulnerable Palo Alto Networks GlobalProtect instances.

Nearly 24K unique IP addresses have attempted to access portals in the last 30 days, raising concerns of imminent attacks ...

Threat intelligence startup GreyNoise said in a blog post on Tuesday that it had observed a “notable resurgence of ...

IPs scanned Palo Alto GlobalProtect portals in late March, signaling systemic recon before potential exploits.

Researchers are tracking a significant surge in login scanning activity targeting Palo Alto Networks (PAN) firewalls.

In May 2024, security researchers from Assetnote found vulnerabilities, tracked as CVE-2024-4879, CVE-2024-5178, and CVE-2024 ...

Attack attempts via CVE-2025-24813 are underway, but successful attacks require specific, non-default configurations, ...

Cisco Talos recently found a bug in PHP-CGI, being used in attacks against Japanese firms GreyNoise said the attacks are being seen worldwide, and called for "immediate action" A patch was ...

Eleven11bot was discovered by Nokia researchers who shared the details with the threat monitoring platform GreyNoise. Nokia's security researcher, Jérôme Meyer, commented that Eleven11bot is one ...

Exploitation of a critical-severity vulnerability affecting Windows-based PHP installations has impacted organizations in the U.S., according to a researcher at threat intelligence firm GreyNoise.