GlobalProtect VPN portals probed with 2.3 million scan sessions
A major spike in malicious scanning against Palo Alto Networks GlobalProtect portals has been detected, starting on November 14, 2025. [...]
Palo Alto Networks develops cybersecurity platforms and products whose vulnerabilities, advisories, and deployments can affect network and cloud security.
Search across headline titles and summaries.
Background for this topic.
Palo Alto Networks develops cybersecurity platforms for network firewalls, cloud and application security, secure remote access, endpoint protection, and security operations. Its firewalls commonly run PAN-OS, enforcing traffic and access policies, inspecting network activity, and collecting telemetry for detection and response.
For practitioners, advisories involving PAN-OS, firewall management interfaces, or remote-access gateways can require rapid exposure assessment, patching, configuration changes, and log review for signs of exploitation. Internet-facing management services and overly broad rules are important attack surfaces; a vulnerability may be more consequential when administrative access or sensitive inspection data is involved. Cloud and endpoint components add identity, API, agent, and data-handling dependencies, so updates should be tested across integrations and privileges. Security teams should validate fixes against asset inventories, monitor relevant indicators, and control access to retained telemetry where privacy or regulatory obligations apply.
A major spike in malicious scanning against Palo Alto Networks GlobalProtect portals has been detected, starting on November 14, 2025. [...]
GlobalProtect login endpoints targeted, sparking concern that something bigger may be brewing Malicious traffic targeting Palo Alto Networks' GlobalProtect portals surged almost 40-fold in the space of 24 hours, hitting a 90-day high and putting defenders on alert for whatever comes next.…
Company thinks you’ll contemplate replacing most security kit in the next few years to stay safe Palo Alto Networks CEO Nikesh Arora has suggested hostile nation-states will possess quantum computers in 2029, or even a little earlier, at which point most security appliances will need to be replaced.…