GreyNoise
@greynoise.infosec.exchange.ap.brid.gy
GreyNoise analyzes Internet background noise. Use GreyNoise to remove pointless security alerts, find compromised devices, or identify emerging threats […]
[bridged from https://infosec.exchange/@greynoise on the fediverse by https://fed.brid.gy/ ]
[bridged from https://infosec.exchange/@greynoise on the fediverse by https://fed.brid.gy/ ]
Check out @hrbrmstr today on @huntress's Tradecraft Tuesday at 1pm ET to chat about all things #react2shell. 🤘
🔗 […]
[Original post on infosec.exchange]
🔗 […]
[Original post on infosec.exchange]
January 13, 2026 at 4:32 PM
Check out @hrbrmstr today on @huntress's Tradecraft Tuesday at 1pm ET to chat about all things #react2shell. 🤘
🔗 […]
[Original post on infosec.exchange]
🔗 […]
[Original post on infosec.exchange]
Reposted by GreyNoise
Later today the epic @huntress team lets me crash the party to talk all things React2Shell.
Still time to reg!
Rly looking fwd to it. Tis not often one gets to meet ones heroes! […]
[Original post on mastodon.social]
Still time to reg!
Rly looking fwd to it. Tis not often one gets to meet ones heroes! […]
[Original post on mastodon.social]
January 13, 2026 at 2:08 PM
Later today the epic @huntress team lets me crash the party to talk all things React2Shell.
Still time to reg!
Rly looking fwd to it. Tis not often one gets to meet ones heroes! […]
[Original post on mastodon.social]
Still time to reg!
Rly looking fwd to it. Tis not often one gets to meet ones heroes! […]
[Original post on mastodon.social]
New on the GreyNoise blog: We borrow from some unexpected fields, enzyme kinetics, species biodiversity models, astrophotography, to understand internet-wide scanning activity and measure what we might be missing.
https://www.greynoise.io/blog/filtering-noise-cyber-space
#greynoise #cybersecurity
https://www.greynoise.io/blog/filtering-noise-cyber-space
#greynoise #cybersecurity
Filtering Noise in (Cyber)Space
Dive into the scientific methods GreyNoise uses to separate internet noise from real threats, providing defenders a clearer, more accurate view of malicious activity.
www.greynoise.io
January 12, 2026 at 9:21 PM
New on the GreyNoise blog: We borrow from some unexpected fields, enzyme kinetics, species biodiversity models, astrophotography, to understand internet-wide scanning activity and measure what we might be missing.
https://www.greynoise.io/blog/filtering-noise-cyber-space
#greynoise #cybersecurity
https://www.greynoise.io/blog/filtering-noise-cyber-space
#greynoise #cybersecurity
🚨 We are hiring across sales, alliances, and customer experience for our US + EMEA teams 🌍
See a role you'd crush? We would love to hear from you!
👉 Apply now: greynoise.io/careers
#hiring #cybersecuritycareers
See a role you'd crush? We would love to hear from you!
👉 Apply now: greynoise.io/careers
#hiring #cybersecuritycareers
January 12, 2026 at 4:07 PM
🚨 We are hiring across sales, alliances, and customer experience for our US + EMEA teams 🌍
See a role you'd crush? We would love to hear from you!
👉 Apply now: greynoise.io/careers
#hiring #cybersecuritycareers
See a role you'd crush? We would love to hear from you!
👉 Apply now: greynoise.io/careers
#hiring #cybersecuritycareers
GreyNoise analyzed activity targeting exposed Ollama and LLM infrastructure, identifying SSRF abuse attempts and large-scale probing of LLM model endpoints.
Analysis: https://www.greynoise.io/blog/threat-actors-actively-targeting-llms
#greynoise #threatintelligence #llmsecurity
Analysis: https://www.greynoise.io/blog/threat-actors-actively-targeting-llms
#greynoise #threatintelligence #llmsecurity
Threat Actors Actively Targeting LLMs
Our Ollama honeypot infrastructure captured 91,403 attack sessions between October 2025 and January 2026. Buried in that data: two distinct campaigns that reveal how threat actors are systematically mapping the expanding surface area of AI deployments.
www.greynoise.io
January 8, 2026 at 8:05 PM
GreyNoise analyzed activity targeting exposed Ollama and LLM infrastructure, identifying SSRF abuse attempts and large-scale probing of LLM model endpoints.
Analysis: https://www.greynoise.io/blog/threat-actors-actively-targeting-llms
#greynoise #threatintelligence #llmsecurity
Analysis: https://www.greynoise.io/blog/threat-actors-actively-targeting-llms
#greynoise #threatintelligence #llmsecurity
Ransomware starts with reconnaissance: we observed a recent large-scale scanning campaign validating exploitable systems, data that feeds the initial access market and shows up later in real attacks. 🕵️♀️
https://www.greynoise.io/blog/christmas-scanning-campaign-fuel-2026-attacks
#greynoise […]
https://www.greynoise.io/blog/christmas-scanning-campaign-fuel-2026-attacks
#greynoise […]
Original post on infosec.exchange
infosec.exchange
January 8, 2026 at 3:10 PM
Ransomware starts with reconnaissance: we observed a recent large-scale scanning campaign validating exploitable systems, data that feeds the initial access market and shows up later in real attacks. 🕵️♀️
https://www.greynoise.io/blog/christmas-scanning-campaign-fuel-2026-attacks
#greynoise […]
https://www.greynoise.io/blog/christmas-scanning-campaign-fuel-2026-attacks
#greynoise […]
Back from the holidays and afraid to open your inbox? Same. Open the latest NoiseLetter instead.
https://www.greynoise.io/resources/noiseletter-december-2025
https://www.greynoise.io/resources/noiseletter-december-2025
NoiseLetter December 2025
Get GreyNoise updates! Read the December 2025 NoiseLetter for product news, key resources, the latest tags and vulnerabilities, and more.
www.greynoise.io
January 7, 2026 at 5:07 PM
Back from the holidays and afraid to open your inbox? Same. Open the latest NoiseLetter instead.
https://www.greynoise.io/resources/noiseletter-december-2025
https://www.greynoise.io/resources/noiseletter-december-2025
React2Shell Update – 7 January 2026
Full update & analysis: https://www.greynoise.io/blog/cve-2025-55182-react2shell-opportunistic-exploitation-in-the-wild-what-the-greynoise-observation-grid-is-seeing-so-far
#greynoise #react2shell
Full update & analysis: https://www.greynoise.io/blog/cve-2025-55182-react2shell-opportunistic-exploitation-in-the-wild-what-the-greynoise-observation-grid-is-seeing-so-far
#greynoise #react2shell
January 7, 2026 at 3:08 PM
React2Shell Update – 7 January 2026
Full update & analysis: https://www.greynoise.io/blog/cve-2025-55182-react2shell-opportunistic-exploitation-in-the-wild-what-the-greynoise-observation-grid-is-seeing-so-far
#greynoise #react2shell
Full update & analysis: https://www.greynoise.io/blog/cve-2025-55182-react2shell-opportunistic-exploitation-in-the-wild-what-the-greynoise-observation-grid-is-seeing-so-far
#greynoise #react2shell
Reposted by GreyNoise
#react2shell slingers had a party goin' on since the 25th and are still doing more with less.
Ginormous session counts from a fraction of the IPs.
Ginormous session counts from a fraction of the IPs.
January 1, 2026 at 1:09 PM
#react2shell slingers had a party goin' on since the 25th and are still doing more with less.
Ginormous session counts from a fraction of the IPs.
Ginormous session counts from a fraction of the IPs.
New year, new opportunities? Check out our current openings for a new start in the new year! 🪩🎉
🔗 greynoise.io/careers
🔗 greynoise.io/careers
December 31, 2025 at 5:48 PM
New year, new opportunities? Check out our current openings for a new start in the new year! 🪩🎉
🔗 greynoise.io/careers
🔗 greynoise.io/careers
See you all TOMORROW at 12ET for our last GreyNoise University LIVE of the year! ✨ https://www.greynoise.io/events/greynoise-university-live
GreyNoise University LIVE
www.greynoise.io
December 18, 2025 at 4:51 PM
GreyNoise is tracking a coordinated credential-based campaign targeting Cisco SSL VPN and Palo Alto Networks GlobalProtect.
🔗 https://www.greynoise.io/blog/credential-based-campaign-cisco-palo-alto-networks-vpn-gateways
#cisco #paloaltonetworks #greynoise […]
[Original post on infosec.exchange]
🔗 https://www.greynoise.io/blog/credential-based-campaign-cisco-palo-alto-networks-vpn-gateways
#cisco #paloaltonetworks #greynoise […]
[Original post on infosec.exchange]
December 17, 2025 at 8:03 PM
GreyNoise is tracking a coordinated credential-based campaign targeting Cisco SSL VPN and Palo Alto Networks GlobalProtect.
🔗 https://www.greynoise.io/blog/credential-based-campaign-cisco-palo-alto-networks-vpn-gateways
#cisco #paloaltonetworks #greynoise […]
[Original post on infosec.exchange]
🔗 https://www.greynoise.io/blog/credential-based-campaign-cisco-palo-alto-networks-vpn-gateways
#cisco #paloaltonetworks #greynoise […]
[Original post on infosec.exchange]
See you all TOMORROW at 12ET for our last GreyNoise University LIVE of the year! ✨ https://www.greynoise.io/events/greynoise-university-live
GreyNoise University LIVE
www.greynoise.io
December 17, 2025 at 6:39 PM
See you all TOMORROW at 12ET for our last GreyNoise University LIVE of the year! ✨ https://www.greynoise.io/events/greynoise-university-live
Update: Analyzing React2Shell payloads. Full breakdown from @hrbrmstr 👉 https://www.greynoise.io/blog/react2shell-payload-analysis
#react2shell #nextjs #cve202555182
#react2shell #nextjs #cve202555182
December 17, 2025 at 4:37 PM
Update: Analyzing React2Shell payloads. Full breakdown from @hrbrmstr 👉 https://www.greynoise.io/blog/react2shell-payload-analysis
#react2shell #nextjs #cve202555182
#react2shell #nextjs #cve202555182
Just in: Watch #react2shell exploitation unfold over time in the map below (geo of source IPs attempting to exploit CVE-2025-55182).
#greynoise #threatintel #cve202555182 #nextjs #cybersecurity
#greynoise #threatintel #cve202555182 #nextjs #cybersecurity
December 11, 2025 at 3:55 PM
Just in: Watch #react2shell exploitation unfold over time in the map below (geo of source IPs attempting to exploit CVE-2025-55182).
#greynoise #threatintel #cve202555182 #nextjs #cybersecurity
#greynoise #threatintel #cve202555182 #nextjs #cybersecurity
Going LIVE in 30 to talk all things React2Shell with the Storm ⚡️ Watch crew!
https://www.linkedin.com/events/stormwatch-react2shell-welcomet7404177317620699136/theater/
https://www.linkedin.com/events/stormwatch-react2shell-welcomet7404177317620699136/theater/
December 9, 2025 at 7:39 PM
Going LIVE in 30 to talk all things React2Shell with the Storm ⚡️ Watch crew!
https://www.linkedin.com/events/stormwatch-react2shell-welcomet7404177317620699136/theater/
https://www.linkedin.com/events/stormwatch-react2shell-welcomet7404177317620699136/theater/
👀 React2Shell attacker profiles fresh from GreyNoise telemetry: https://info.greynoise.io/hubfs/PDFs-Sales-Marketing/GreyNoise-React2Shell-Attacker-Profiles.pngAlso, don't miss the latest contribution from GreyNoise Labs on React2Shell […]
[Original post on infosec.exchange]
[Original post on infosec.exchange]
December 9, 2025 at 7:00 PM
👀 React2Shell attacker profiles fresh from GreyNoise telemetry: https://info.greynoise.io/hubfs/PDFs-Sales-Marketing/GreyNoise-React2Shell-Attacker-Profiles.pngAlso, don't miss the latest contribution from GreyNoise Labs on React2Shell […]
[Original post on infosec.exchange]
[Original post on infosec.exchange]
React2Shell blog update 🚨 compromised Next.js nodes are rapidly being enlisted into botnets; threat actor activity reaches ~80 source countries; and more […]
Original post on infosec.exchange
infosec.exchange
December 9, 2025 at 5:20 PM
React2Shell blog update 🚨 compromised Next.js nodes are rapidly being enlisted into botnets; threat actor activity reaches ~80 source countries; and more […]
RE: https://infosec.exchange/@greynoise/115661815317969588
London we are headed your way THIS week! Hope to see you there! 🤘
London we are headed your way THIS week! Hope to see you there! 🤘
Headed to BlackHat EU? 🇬🇧
Swing by the @corelight + GreyNoise booth for a chat and then grab drinks with the team after the con on Wednesday, Dec 10th. Sign up today to reserve your spot!
🔗 https://info.greynoise.io/events/blackhat-europe-hh-2025
#bheu #Corelight #greynoise
Swing by the @corelight + GreyNoise booth for a chat and then grab drinks with the team after the con on Wednesday, Dec 10th. Sign up today to reserve your spot!
🔗 https://info.greynoise.io/events/blackhat-europe-hh-2025
#bheu #Corelight #greynoise
GreyNoise - Happy Hour at BlackHat Europe
Had a full day at BlackHat? Come put your feet up with GreyNoise and Corelight for a laid-back evening with complimentary drinks, nibbles, and great conversations.
info.greynoise.io
December 8, 2025 at 4:20 PM
RE: https://infosec.exchange/@greynoise/115661815317969588
London we are headed your way THIS week! Hope to see you there! 🤘
London we are headed your way THIS week! Hope to see you there! 🤘
CVE-2025-55182 (React2Shell) attacks have begun.
We are seeing broad automated exploitation, PoE math probes, encoded PS stagers, and AMSI bypass attempts, with botnets already adding the vuln.
Patch fast. Watch your logs.
🔗 […]
We are seeing broad automated exploitation, PoE math probes, encoded PS stagers, and AMSI bypass attempts, with botnets already adding the vuln.
Patch fast. Watch your logs.
🔗 […]
Original post on infosec.exchange
infosec.exchange
December 5, 2025 at 3:10 PM
CVE-2025-55182 (React2Shell) attacks have begun.
We are seeing broad automated exploitation, PoE math probes, encoded PS stagers, and AMSI bypass attempts, with botnets already adding the vuln.
Patch fast. Watch your logs.
🔗 […]
We are seeing broad automated exploitation, PoE math probes, encoded PS stagers, and AMSI bypass attempts, with botnets already adding the vuln.
Patch fast. Watch your logs.
🔗 […]
Palo + SonicWall campaign uncovered. We dug into a spike of GlobalProtect login attempts earlier this week and found something unexpected.
Full analysis: https://www.greynoise.io/blog/hidden-pattern-credential-based-attacks-palo-alto-sonicwall
#palo #sonicwall #cybersecurity
Full analysis: https://www.greynoise.io/blog/hidden-pattern-credential-based-attacks-palo-alto-sonicwall
#palo #sonicwall #cybersecurity
December 4, 2025 at 10:28 PM
Palo + SonicWall campaign uncovered. We dug into a spike of GlobalProtect login attempts earlier this week and found something unexpected.
Full analysis: https://www.greynoise.io/blog/hidden-pattern-credential-based-attacks-palo-alto-sonicwall
#palo #sonicwall #cybersecurity
Full analysis: https://www.greynoise.io/blog/hidden-pattern-credential-based-attacks-palo-alto-sonicwall
#palo #sonicwall #cybersecurity
Headed to BlackHat EU? 🇬🇧
Swing by the @corelight + GreyNoise booth for a chat and then grab drinks with the team after the con on Wednesday, Dec 10th. Sign up today to reserve your spot!
🔗 https://info.greynoise.io/events/blackhat-europe-hh-2025
#bheu #Corelight #greynoise
Swing by the @corelight + GreyNoise booth for a chat and then grab drinks with the team after the con on Wednesday, Dec 10th. Sign up today to reserve your spot!
🔗 https://info.greynoise.io/events/blackhat-europe-hh-2025
#bheu #Corelight #greynoise
GreyNoise - Happy Hour at BlackHat Europe
Had a full day at BlackHat? Come put your feet up with GreyNoise and Corelight for a laid-back evening with complimentary drinks, nibbles, and great conversations.
info.greynoise.io
December 4, 2025 at 2:41 PM
Headed to BlackHat EU? 🇬🇧
Swing by the @corelight + GreyNoise booth for a chat and then grab drinks with the team after the con on Wednesday, Dec 10th. Sign up today to reserve your spot!
🔗 https://info.greynoise.io/events/blackhat-europe-hh-2025
#bheu #Corelight #greynoise
Swing by the @corelight + GreyNoise booth for a chat and then grab drinks with the team after the con on Wednesday, Dec 10th. Sign up today to reserve your spot!
🔗 https://info.greynoise.io/events/blackhat-europe-hh-2025
#bheu #Corelight #greynoise
The holiday season brings travel, warm drinks, and... serving as the family IT help desk. Check it all out in November's NoiseLetter ❄️
https://www.greynoise.io/resources/noiseletter-november-2025
https://www.greynoise.io/resources/noiseletter-november-2025
NoiseLetter November 2025
Get GreyNoise updates! Read the November 2025 NoiseLetter for product news, key resources, the latest tags and vulnerabilities, and more.
www.greynoise.io
December 2, 2025 at 6:51 PM
The holiday season brings travel, warm drinks, and... serving as the family IT help desk. Check it all out in November's NoiseLetter ❄️
https://www.greynoise.io/resources/noiseletter-november-2025
https://www.greynoise.io/resources/noiseletter-november-2025
Check out @hrbrmstr's convo with @NPR about the spike in inventive holiday cyber scams, from fake shipping alerts to bogus charity requests. ’Tis the season for scammers, so slow down, double-check links, + stay safe out there. 🎁🔒 […]
Original post on infosec.exchange
infosec.exchange
December 1, 2025 at 7:35 PM
Check out @hrbrmstr's convo with @NPR about the spike in inventive holiday cyber scams, from fake shipping alerts to bogus charity requests. ’Tis the season for scammers, so slow down, double-check links, + stay safe out there. 🎁🔒 […]
This holiday season, run our IP Check at your family’s house, a free tool that answers a question we hear constantly: "How do I know if my home network has been compromised?"
https://www.greynoise.io/blog/your-ip-address-might-be-someone-elses-problem
https://www.greynoise.io/blog/your-ip-address-might-be-someone-elses-problem
November 25, 2025 at 8:46 PM
This holiday season, run our IP Check at your family’s house, a free tool that answers a question we hear constantly: "How do I know if my home network has been compromised?"
https://www.greynoise.io/blog/your-ip-address-might-be-someone-elses-problem
https://www.greynoise.io/blog/your-ip-address-might-be-someone-elses-problem