GreyNoise Launches Block: Fully configurable, real-time blocklists
Learn More
Why GreyNoise
Products
Enterprise and Government
GreyNoise Platform
Real-time, verifiable network threat intelligence
Greynoise Platform Use Cases
CVE Disclosure Early Warning
Get an early warning when traffic spikes indicate a high likelihood of new disclosures
Compromised Asset Detection
Find out immediately if an asset communicates with a malicious IP address
Vulnerability Prioritization
Get real-time insight into active exploitation trends to better understand risk and severity
SOC Efficiency
Filter out noisy, low priority and false-positive alerts from mass internet scanners
Incident Investigation
Add context to incidents to speed the determinations of scope and timelines
Threat Hunting
Quickly identify anomalous behavior and enrich your threat hunting campaigns
Small and Mid-Sized Businesses
GreyNoise Block
Fully configurable, real-time blocklists to stop attackers in their tracks
Learn More
Integrations
GreyNoise Integrations
SIEM
SOAR
TIP
Firewall
Resources
Blog
Resource Library
Storm Watch Podcast
Tag Request
Documentation
Company
About
In the News
Press Room
Upcoming Events
Partners
Community
Careers
GreyNoise Love
Login
Search for free
Get a demo
Get a demo
Login
Search data
Why GreyNoise
Products
Enterprise and Government
Greynoise Platform
Fully configurable, real-time blocklists to stop attackers in their tracks
GreyNoise Platform use Cases
CVE Disclosure Early Warning
Get an early warning when traffic spikes indicate a high likelihood of new disclosures
Compromised Asset Detection
Find out immediately if an asset communicates with a malicious IP address
Vulnerability Prioritization
Get real-time insight into active exploitation trends to better understand risk and severity
SOC Efficiency
Filter out noisy, low priority and false-positive alerts from mass internet scanners
Incident Investigation
Add context to incidents to speed the determinations of scope and timelines
Threat Hunting
Quickly identify anomalous behavior and enrich your threat hunting campaigns
Small and Mid-Sized Businesses
Greynoise Block
Fully configurable, real-time blocklists to stop attackers in their tracks
Integrations
GreyNoise Integrations
SIEM
SOAR
TIP
Firewall
Resources
Blog
Resource Library
Storm Watch Podcast
Tag Request
Documentation
Company
About
Press Room
In the News
Upcoming Events
Partners
Community
Careers
GreyNoise Love
GreyNoise in the news
The latest news, announcements, and perspectives from GreyNoise.
React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors
Dec 16, 2025
Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components
Dec 15, 2025
Attackers Worldwide are Zeroing In on React2Shell Vulnerability
Dec 11, 2025
Cyber deception trials: what we’ve learned so far
Dec 11, 2025
Attacks pinned to critical React2Shell defect surge, surpass 50 confirmed victims
Dec 10, 2025
React Server Components crisis escalates as security teams respond to compromises
Dec 10, 2025
DEW #140 - SVG Filter ClickJacking, Detection Engineering "Onboarding" and React2Shell spotlight
Dec 10, 2025
State-linked groups target critical vulnerability in React Server Components
Dec 9, 2025
Researchers track dozens of organizations affected by React2Shell compromises tied to China’s MSS
Dec 8, 2025
Ongoing attack campaign sets sights on Palo Alto Networks GlobalProtect portals, SonicWall APIs
Dec 8, 2025
React2Shell: Dozens breached, tens of thousands vulnerable, including 500+ in Australia
Dec 8, 2025
Critical React2Shell RCE Flaw Actively Exploited to Run Malicious Code
Dec 8, 2025
Critical React2Shell RCE Vulnerability Exploited in the Wild to Execute Malicious Code
Dec 8, 2025
Hackers exploit Palo Alto and SonicWall VPN login portals
Dec 8, 2025
Palo Alto GlobalProtect Portals Face Spike in Suspicious Login Attempts
Dec 8, 2025
Hackers Launch Widespread Attacks on Palo Alto GlobalProtect Portals from 7,000+ IPs
Dec 7, 2025
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable
Dec 6, 2025
2.15M Web Services Running Next.js Exposed Over Internet, Active Exploitation Underway – Patch Now
Dec 6, 2025
New wave of VPN login attempts targets Palo Alto GlobalProtect portals
Dec 6, 2025
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
Dec 6, 2025
Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs
Dec 6, 2025
AI and Cybersecurity: Staying Ahead of Threats
Dec 5, 2025
Warning: React2Shell vulnerability already being exploited by threat actors
Dec 5, 2025
Attackers hit React defect as researchers quibble over proof
Dec 5, 2025
Previous
2 / 45
Next
Cookie Settings
We use cookies to ensure you get the best experience on our website.
Learn more
Got it
.png)
