Massive Brute-Force Attack Targets VPN Devices Using 2.8 Million IPs

by Justin Erickson

Cybersecurity researchers have detected a massive brute-force attack leveraging 2.8 million unique IP addresses to target many devices, including those from Palo Alto Networks, Ivanti, and SonicWall. Attackers are leveraging these 2.8 million IPs by systematically guessing credentials (brute-forcing), potentially gaining unauthorized access to corporate networks and sensitive data. This large-scale attack highlights the risks of weak passwords and outdated authentication methods. Organizations using these network devices are urged to enforce strong, unique passwords, enable multi-factor authentication (MFA), use an allowlist of trusted IPs, and disable web admin interfaces when they’re not needed to prevent unauthorized access.