Palo Alto Networks gateways facing huge number of possible security attacks
GreyNoise observed a spike in scanning throughout March 2025 Thousands of IP addresses were scanning PAN-OS GlobalProtect ...
Hackers are ramping up attacks using year-old ServiceNow security bugs to target unpatched systems
Threat intelligence startup GreyNoise said in a blog post on Tuesday that it had observed a “notable resurgence of ...
Nearly 24,000 IPs behind wave of Palo Alto Global Protect scans
A significant spike in scanning activity targeting Palo Alto Network GlobalProtect login portals has been observed, with ...
SecurityWeek3d
Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals
GreyNoise warns of a coordinated effort probing the internet for potentially vulnerable Palo Alto Networks GlobalProtect instances.
Hackers are targeting unpatched ServiceNow instances that exploit 3 separate year-old vulnerabilities
There has been a “notable resurgence” in the abuse of three concerning ServiceNow security vulnerabilities, experts are ...
The Hacker News2d
Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign
IPs scanned Palo Alto GlobalProtect portals in late March, signaling systemic recon before potential exploits.
Experts warn this critical PHP vulnerability could be set to become a global problem
Cisco Talos recently found a bug in PHP-CGI, being used in attacks against Japanese firms GreyNoise said the attacks are ...
Critical Apache Tomcat RCE vulnerability exploited
Attack attempts via CVE-2025-24813 are underway, but successful attacks require specific, non-default configurations, ...
Mass login scans of PAN GlobalProtect portals surge
Nearly 24K unique IP addresses have attempted to access portals in the last 30 days, raising concerns of imminent attacks ...
Bleeping Computer24d
Critical PHP RCE vulnerability mass exploited in new attacks
Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577 ...
CRN25d
Attacks Exploiting ‘Critical’ PHP Vulnerability Have Impacted US: Researcher
Exploitation of a critical-severity vulnerability affecting Windows-based PHP installations has impacted organizations in the U.S., according to a researcher at threat intelligence firm GreyNoise.