cR0w :cascadia:<p>It's free threat intel Thursday. Have some recently ( within the last week ) malicious IP lists.</p><p>IPs observed attempting to log in to Palo Alto GlobalProtect portals. Note that they all geolocated to US so it's a pretty small list: <a href="https://cascadiacrow.com/pan_20250703.txt" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cascadiacrow.com/pan_20250703.</span><span class="invisible">txt</span></a></p><p>IPs observed attempting to log in to F5 BIG-IP VPNs. Note that they all geolocated to US so it's also a pretty small list: <a href="https://cascadiacrow.com/f5_20250703.txt" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cascadiacrow.com/f5_20250703.t</span><span class="invisible">xt</span></a></p><p>IPs observed attempting to log in to M365 and are listed as known malicious by Microsoft: <a href="https://cascadiacrow.com/microsoft_20250703.txt" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cascadiacrow.com/microsoft_202</span><span class="invisible">50703.txt</span></a></p><p><a href="https://infosec.exchange/tags/GAYINT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GAYINT</span></a> <a href="https://infosec.exchange/tags/FURINT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FURINT</span></a></p>