GreyNoise Labs

ID: 8f90b2ac-3023-56a1-9bb8-389f970e8446

STIX ID: identity--8f90b2ac-3023-56a1-9bb8-389f970e8446

Feed Type: rss

Earliest post: 2023-03-23

Latest post: 2026-02-15

Threat intelligence research and internet-wide scanning insights from GreyNoise Labs — profiling noisy scanners, adversary tooling, IoAs, and background internet traffic to help defenders filter noise and focus on real threats.

| Title | Date Published | Describes Incident | Author | Visible |
| --- | --- | --- | --- | --- |
| GreyNoise Labs Weekly OAST (Well-known Out-of-band Interaction Domains) Report • Week Ending 2026-02-13 | 2026-02-15 | True | 🔮Orbie✨ | True |
| 2026-01-14: The Day the telnet Died | 2026-02-10 | True | hrbrmstr & 🔮Orbie✨ | True |
| GreyNoise Labs Weekly OAST (Well-known Out-of-band Interaction Domains) Report • Week Ending 2026-02-06 | 2026-02-07 | True | 🔮Orbie✨ | True |
| Vive La Vulnérabilité: French Kubernetes Cluster Hunts Your Webhook Endpoints | 2026-02-03 | True | hrbrmstr & 🔮Orbie✨ | True |
| Dual-Mode Citrix Gateway Reconnaissance: When Residential Proxies Meet Version Hunting | 2026-02-02 | True | hrbrmstr & 🔮Orbie✨ | True |
| GreyNoise Labs Weekly OAST (Well-known Out-of-band Interaction Domains) Report • Week Ending 2026-01-31 | 2026-01-31 | True | 🔮Orbie✨ | True |
| Inside the Infrastructure: Who’s Scanning for Ivanti Connect Secure? | 2026-01-29 | True | Glenn Thorpe & 🔮Orbie✨ | True |
| GreyNoise Labs Weekly OAST (Well-known Out-of-band Interaction Domains) Report • Week Ending 2026-01-24 | 2026-01-24 | True | 🔮Orbie✨ | True |
| -f Around and Find Out: 18 Hours of Unsolicited Telnet Houseguests | 2026-01-22 | True | hrbrmstr + 🔮Orbie✨ | True |
| Creepy Crawlers: Hunting Those Who Hunt For WordPress Plugins | 2026-01-19 | True | hrbrmstr + 🔮Orbie✨ | True |
| GreyNoise Labs Weekly OAST (Well-known Out-of-band Interaction Domains) Report • Week Ending 2026-01-17 | 2026-01-18 | True | 🔮Orbie✨ | True |
| SmarterMail Version Enumeration: Threat Actors Building Target Lists Post-CVE-2025-52691 | 2026-01-13 | True | hrbrmstr | True |
| GreyNoise Labs Weekly OAST (Well-known Out-of-band Interaction Domains) Report • Week Ending 2026-01-09 | 2026-01-10 | True | hrbrmstr | True |
| ColdFusion++ Christmas Campaign: Catching a Coordinated Callback Calamity | 2025-12-26 | True | hrbrmstr | True |
| React2Shell Side Quest: Tracking Down Malicious MeshCentral Nodes | 2025-12-09 | True | hrbrmstr | True |
| The PoC Pollution Problem: How AI-Generated Exploits Are Poisoning Detection Engineering | 2025-07-30 | True | h0wdy & hrbrmstr | True |
| Checking the Scope of CVE-2025-48927 | 2025-07-16 | True | h0wdy | True |
| Exploiting Erlang OTP with Zip files: CVE-2025-4748 | 2025-06-17 | True | remy | True |
| AyySSHush: Tradecraft of an emergent ASUS botnet | 2025-05-28 | True | remy | True |
| CVE-2025-32433 - State Machine Err-ly RCE in Erlang/OTP SSH Server | 2025-04-22 | True | Konstantin Lazarev | True |
| Yer a Wizard! Tagging Hard-coded Credentials Can Lead to Finding Magic (Numbers) | 2024-12-03 | True | Konstantin Lazarev | True |
| Null problem! Or: the dangers of an invisible byte | 2024-11-20 | True | Ron Bowes | True |
| CVE-2024-8956, CVE-2024-8957: How to Steal a 0-Day RCE (With a Little Help from an LLM) | 2024-10-31 | True | Konstantin Lazarev | True |
| Whatchu looking for (starring SolarWinds Serv-U - CVE-2024-28995) | 2024-09-30 | True | Ron Bowes | True |
| BLUUID: Firewallas, Diabetics, And… Bluetooth | 2024-08-20 | True | Remy | True |
| Command and Control (C2) Servers 101 | 2024-07-18 | True | Konstantin Lazarev | True |
| Perma-Vuln: D-Link DIR-859, CVE-2024-0769 | 2024-06-25 | True | Remy | True |
| SolarWinds Serv-U (CVE-2024-28995) exploitation: We see you! | 2024-06-18 | True | Ron Bowes | True |
| What’s Going on With CVE-2024-4577 (Critical RCE in PHP)? | 2024-06-13 | True | Konstantin Lazarev | True |
| Decrypting FortiOS 7.0.x | 2024-04-23 | True | GreyNoise Labs Research Team | True |
| Where are they now? Starring: Confluence CVE-2023-22527 | 2024-03-13 | True | Ron Bowes | True |
| Hunting for Fortinet CVE-2024-21762: Vulnerability Research for Detection Engineering | 2024-03-08 | True | h0wdy | True |
| Code injection or backdoor: A new look at Ivanti’s CVE-2021-44529 | 2024-02-16 | True | Ron Bowes | True |
| The Confusing History of F5 BIG-IP RCE Vulnerabilities | 2024-01-19 | True | Ron Bowes | True |
| Panic!! At the YAML | 2024-01-03 | True | Ron Bowes | True |
| If You’re Going to Spray My Exploit… (CVE-2022-41800) | 2023-12-13 | True | Ron Bowes | True |
| Talk-A-Blog: Apache Struts2 CVE-2023-50164, File Upload Vulnerability Analysis | 2023-12-12 | True | Remy | True |
| The Forgotten ownCloud vulnerability (CVE-2023-49105) | 2023-12-05 | True | Ron Bowes | True |
| Don’t Leave Me on Read: The Efficacy of Dynamic Honeypots for Novel Exploitation Discovery | 2023-12-05 | True | h0wdy | True |
| Details and Caveats for ownCloud information disclosure (CVE-2023-49103) | 2023-11-29 | True | Ron Bowes | True |
| ⭕ Emulating and Exploiting Oracle WebLogic Server for PCap Analysis (CVE-2023-21839) | 2023-04-21 | True | h0wdy | True |
| EdgeLord: Schrödinger’s 0-Day | 2023-03-23 | True | some one | True |