GreyNoise

Entity category: organization

Business

Hackers Actively Exploit Critical BeyondTrust RCE Flaw

February 15, 2026
BeyondTrust logo on a vibrant, abstract background.

A critical command injection vulnerability (CVE-2026-1731) in BeyondTrust's remote access software is being actively exploited, allowing unauthenticated attackers to run…

Read More »
Business

Ivanti EPMM “sleeper” webshells pose hidden threat

February 12, 2026
Ivanti logo with digital red code background, creating a tech-focused visual.

A critical vulnerability (CVE-2026-1281) in Ivanti's EPMM platform is being actively exploited, with attackers implanting hidden, dormant backdoors that are…

Read More »
Cybersecurity

Check If Your Home Network Is Hacked

December 22, 2025
Close-up of a white router with yellow and blue ethernet cables plugged in.

A new tool called IP Check from GreyNoise allows users to quickly see if their public IP address has been…

Read More »
BigTech Companies

GlobalProtect VPN Portals Hit by 2.3 Million Cyber Scans

November 21, 2025
Palo Alto Networks logo against a backdrop of red binary code.

A fortyfold surge in malicious scanning targeting Palo Alto Networks GlobalProtect VPN portals began on November 14, 2025, marking the…

Read More »
Artificial Intelligence

Palo Alto Portal Scans Skyrocket 500%

October 13, 2025
Palo Alto Networks logo and signage outside a modern building.

GreyNoise reported a 500% surge in reconnaissance scans targeting Palo Alto Networks login interfaces, with 1,300 distinct IPs detected on…

Read More »
BigTech Companies

Major Firewall Vendors Hit in Coordinated Cyberattack

October 11, 2025
Digital representation of Earth with glowing connections and data points.

A coordinated cyberattack is targeting Cisco, Palo Alto Networks, and Fortinet devices, with all exploitation campaigns originating from identical subnets,…

Read More »
Business

Palo Alto Networks Login Portals Under Massive Attack Surge

October 5, 2025
Palo Alto Networks logo against a red digital background with binary code.

A dramatic 500% surge in suspicious network scans is targeting Palo Alto Networks login portals, with over 1,285 unique IPs…

Read More »
Artificial Intelligence

GreyNoise Launches MCP Server for AI-Powered SOC Workflows

September 19, 2025
Global network connection with a stylized 'A' at its center, representing AI's worldwide reach.

GreyNoise Intelligence has launched an MCP Server to integrate real-time threat intelligence into AI-driven security operations, enabling faster decision-making and…

Read More »
BigTech Companies

Cisco ASA Devices Face Surge in Network Scans

September 10, 2025
Cisco logo on a background of red and blue streaks of light, suggesting speed and connectivity.

A significant surge in network scanning activity targeting Cisco ASA devices has been detected, with spikes in late August involving…

Read More »
Cybersecurity

Fortinet Issues Alert: Critical Vulnerability Exploit Code Released

August 15, 2025
Fortinet building exterior with company logo prominently displayed.

A critical vulnerability (CVE-2025-25256) in Fortinet's FortiSIEM platform allows unauthenticated attackers to execute arbitrary code, prompting urgent patching efforts due…

Read More »
Cybersecurity

80% of Security Flaws Followed by Spikes in Malicious Activity

August 1, 2025
A hand reaches out from a swirling cloud of red smoke, creating a dramatic and mysterious scene.

New research shows that 80% of sudden spikes in malicious activity (e.g., network scanning) precede the disclosure of security vulnerabilities…

Read More »
Cybersecurity

Patch Alert: CitrixBleed 2 Still a Threat (CVE-2025-5777)

July 10, 2025
Silhouetted coder at computer, red cityscape backdrop, NetScaler logo prominent. Cybersecurity concept.

A critical vulnerability (CVE-2025-5777) in Citrix NetScaler systems is being exploited, enabling session hijacking and unauthorized access despite Citrix's denial…

Read More »