GreyNoise Labs Weekly OAST (Well-known Out-of-band Interaction Domains) Report • Week Ending 2026-01-31

Between 2026-01-24 and 2026-01-31 GreyNoise observed a large-scale, multi-week reconnaissance operation: 6,752 scanning sessions from 58 IPs using 5,531 OAST domains across 48 campaigns targeting enterprise apps, IoT devices, and cloud infrastructure, actively exploiting critical CVEs (notably Oracle WebLogic RCE and Java deserialization), leveraging distinctive anomalous TCP fingerprints (MSS 65495), and leaving numerous actionable IOCs and detection opportunities.