top of page
perceptive_background_267k.jpg

New wave of VPN login attempts targets Palo Alto GlobalProtect portals

Published:

6 December 2025 at 15:18:19

Alert date:

6 December 2025 at 19:00:56

Source:

bleepingcomputer.com

Click to open the original link from this advisory

A new campaign is targeting Palo Alto GlobalProtect VPN portals with login attempts and conducting scanning activities against SonicWall SonicOS API endpoints. This represents an active threat against enterprise VPN infrastructure that could lead to unauthorized network access if successful. Organizations using these platforms should monitor for suspicious login activity and implement additional security measures.

Technical details

Mitigation steps:

Affected products:

Palo Alto GlobalProtect
SonicWall SonicOS

Related links:

https://www.bleepingcomputer.com/news/security/new-wave-of-vpn-login-attempts-targets-palo-alto-globalprotect-portals/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page