GreyNoise observed a spike in scanning throughout March 2025 Thousands of IP addresses were scanning PAN-OS GlobalProtect ...

GreyNoise warns of a coordinated effort probing the internet for potentially vulnerable Palo Alto Networks GlobalProtect instances.

Threat intelligence startup GreyNoise said in a blog post on Tuesday that it had observed a “notable resurgence of ...

A significant spike in scanning activity targeting Palo Alto Network GlobalProtect login portals has been observed, with ...

In May 2024, security researchers from Assetnote found vulnerabilities, tracked as CVE-2024-4879, CVE-2024-5178, and CVE-2024 ...

Researchers are tracking a significant surge in login scanning activity targeting Palo Alto Networks (PAN) firewalls.

Attack attempts via CVE-2025-24813 are underway, but successful attacks require specific, non-default configurations, ...

IPs scanned Palo Alto GlobalProtect portals in late March, signaling systemic recon before potential exploits.

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577 ...

Nearly 24K unique IP addresses have attempted to access portals in the last 30 days, raising concerns of imminent attacks ...

Exploitation of a critical-severity vulnerability affecting Windows-based PHP installations has impacted organizations in the U.S., according to a researcher at threat intelligence firm GreyNoise.

Cisco Talos recently found a bug in PHP-CGI, being used in attacks against Japanese firms GreyNoise said the attacks are being seen worldwide, and called for "immediate action" A patch was ...