TLP:WHITE12 IOCs
Palo Alto Warns of Actively Exploited GlobalProtect VPN Vulnerability
Diamond Model
Adversary
Infrastructure(6)
Capability
Victim
5W+H Threat Analysis
Analysis unavailable
Indicators of Compromise
Indicators of Compromise12
| Type | Indicator | Confidence | Score | First Seen |
|---|---|---|---|---|
| IP | 104.207.144.154 accessactive scanapt | High | 73 | May 30, 26 |
| IP | 146.19.216.125 accessactive scanactive scanning | High | 72 | Jan 24, 26 |
| IP | 209.99.191.137 exploitintel-blognetwork | High | 58 | Jun 15, 26 |
| IP | 179.43.172.213 active scanbrute forcebrute-force | Medium | 37 | May 28, 26 |
| CVE | CVE-2026-0257 aptespionageexploit | High | 69 | Jun 2, 26 |
| IP | 146.19.216.120 abuseaccessactive scan | High | 78 | Jan 24, 26 |
| IP | 23.128.228.6 active scanningasiaddos attack | Medium | 53 | Aug 3, 25 |
| IP | 79.130.26.202 europeexploitgr | Low | 30 | Aug 26, 20 |
| IP | 185.195.232.139 abuseaccess controlactive scan | Medium | 66 | Jul 25, 24 |
| IP | 146.19.216.119 accessactive scanactive scanning | High | 75 | Jan 25, 26 |
| IP | 198.12.106.60 exploitindicatorintel-blog | Medium | 48 | Jun 6, 26 |
| IP | 202.144.192.47 exploitindicatorintel-blog | Medium | 48 | Jun 6, 26 |
IOC Relationship Graph
IOC Relationship Graph12 total IOCs
IPCVE