Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

Threat intelligence firm GreyNoise disclosed on Friday that it has observed a massive spike in scanning activity targeting Palo Alto Networks login portals. The company said it observed a nearly 500% increase in IP addresses scanning Palo Alto Networks login portals on October 3, 2025, the highes...

MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted

Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems. MOVEit Transfer is a popular...

Scanning Activity for CVE-2024-22024 (XXE) Vulnerability in Ivanti

...

ALERT: Critical RCE Bug in VMware vCenter Server Under Active Attack

Malicious actors are actively mass scanning the internet for vulnerable VMware vCenter servers that are unpatched against a critical remote code execution flaw, which the company addressed late last month. The ongoing activity was detected by Bad Packets on June 3 and corroborated yesterday by...

TLS 1.0 Weak Protocol

The remote server offers deprecated TLS 1.0 protocol which can lead to weaknesses. No source data...

Multiple SSH Vulnerabilities - Cisco Systems

Four different Cisco product lines are susceptible to multiple vulnerabilities discovered in the Secure Shell SSH protocol version 1.5. These issues have been addressed, and fixes have been integrated into the Cisco products that support this protocol. By exploiting the weakness in the SSH...