Palo Alto Networks Scans Surge

Cyber Security News by CyberSum.net

Published on October 5, 2025 at 08:14 PM

3 sources

GreyNoise detected a 500% increase in scans targeting Palo Alto Networks login portals, with 93% of IPs classified as suspicious and 7% as malicious, indicating possible targeted reconnaissance, a cybersecurity firm reported, noting that most IPs originated from a country, with smaller clusters in other regions, and that the scans targeted emulated Palo Alto profiles, focusing mainly on systems in a region and another area, suggesting coordinated activity.

Also Read

Famous Chollima Uses Fake Job Offers to Spread Malware

Cisco Talos has exposed a malware campaign by Famous Chollima, a threat group aligned with the Lazarus APT. The campaign uses fake job offers to infect developers with BeaverTail and OtterCookie malware, which now include keylogging and cryptocurrency wallet stealing capabilities. The infection chain begins with a trojanized Node.js project called Chessfi, leading to the execution of a combined malware payload. The campaign targets cryptocurrency browser extensions and evolves to blend espionage with financial crime, aligning with the focus on cryptocurrency theft to evade sanctions.

By Cyber Security News by CyberSum.netOctober 17, 2025 at 09:00 AM