<ul><li>Security researchers have observed a significant surge in login scanning activity against Palo Alto Networks' PAN-OS GlobalProtect portals, with almost 24,000 unique IP addresses attempting to access these portals in March 2025.</li><li>This pattern suggests a coordinated effort to identify exposed or vulnerable systems and potentially exploit them.</li><li>154 of the 24,000 unique IP addresses were labeled as 'malicious,' and the majority of the targets were located in the US.</li><li>IT teams are advised to review their logs and harden their login portals to prevent potential attacks.</li></ul>

Palo Alto Networks gateways facing huge number of possible security attacks

Discover more