intelowlproject · Nehall1 · Apr 7, 2026 · Apr 8, 2026 · Apr 9, 2026 · Apr 14, 2026
diff --git a/api_app/analyzers_manager/migrations/0190_remove_greynoise_labs_analyzer.py b/api_app/analyzers_manager/migrations/0190_remove_greynoise_labs_analyzer.py
@@ -0,0 +1,31 @@
+# Generated by Django 4.2.27 on 2026-04-10
+
+from django.db import migrations
+
+
+def migrate(apps, schema_editor):
+    PythonModule = apps.get_model("api_app", "PythonModule")
+    PeriodicTask = apps.get_model("django_celery_beat", "PeriodicTask")
+    pm = PythonModule.objects.filter(
+        module="greynoise_labs.GreynoiseLabs",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    ).first()
+    if pm:
+        task_ids = [getattr(pm, "update_task_id", None)]
+        task_ids.extend(getattr(c, "health_check_task_id", None) for c in pm.analyzerconfigs.all())
+        PeriodicTask.objects.filter(id__in=[t for t in task_ids if t]).delete()
+
+        pm.analyzerconfigs.all().delete()
+        pm.delete()
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("api_app", "0062_alter_parameter_python_module"),
+        ("analyzers_manager", "0189_update_capa_timeout"),
+        ("django_celery_beat", "0001_initial"),
+    ]
+
+    operations = [
+        migrations.RunPython(migrate, migrations.RunPython.noop),
+    ]
diff --git a/api_app/analyzers_manager/observable_analyzers/greynoise_labs.py b/api_app/analyzers_manager/observable_analyzers/greynoise_labs.py
diff --git a/api_app/analyzers_manager/observable_analyzers/hudsonrock.py b/api_app/analyzers_manager/observable_analyzers/hudsonrock.py
@@ -103,6 +103,10 @@ def run(self):
                     + self.get_param_url(["sortby", "page", "installed_software"])
                 )
                 response = requests.post(url, headers=headers, json={"login": self.observable_name})
+            else:
+                raise AnalyzerConfigurationException(
+                    f"Invalid GENERIC observable (not an email): {self.observable_name}" + " for HudsonRock"
+                )
         else:
             raise AnalyzerConfigurationException(
                 f"Invalid observable type {self.observable_classification}"

diff --git a/api_app/analyzers_manager/observable_analyzers/validin.py b/api_app/analyzers_manager/observable_analyzers/validin.py
@@ -36,6 +36,7 @@ def _run_all_queries(self, endpoints, headers):
                         logger.error(f"Query {query_name} failed")
 
                         # we wont stop other quries from executing if one fails
+                        continue
                     final_response[f"{query_name}"] = response.json()
                 except requests.RequestException as e:
                     raise AnalyzerRunException(e)

diff --git a/api_app/connectors_manager/connectors/misp.py b/api_app/connectors_manager/connectors/misp.py
@@ -118,11 +118,16 @@ def run(self):
         # append attribute name to event info
         event.info += f": {self._base_attr_obj.value}"
 
-        # add event to MISP Instance
-        misp_event = misp_instance.add_event(event, pythonify=True)
-        # add attributes to event on MISP Instance
+        # bulk: attach all attributes to the event object before sending
         for attr in attributes:
-            misp_instance.add_attribute(misp_event.id, attr)
+            event.add_attribute(
+                attr.type,
+                attr.value,
+                **{k: v for k, v in attr.to_dict().items() if k not in ("type", "value", "uuid")},
+            )
+
+        # single request — event + all attributes sent together
+        misp_event = misp_instance.add_event(event, pythonify=True)
 
         return misp_instance.get_event(misp_event.id)
 

diff --git a/frontend/src/constants/miscConst.js b/frontend/src/constants/miscConst.js
@@ -28,9 +28,9 @@ export const localTimezone = Intl.DateTimeFormat().resolvedOptions().timeZone;
 export const HistoryPages = Object.freeze({
   JOB: "jobs",
   INVESTIGAITON: "investigations",
-  USER_EVENT: "user-events",
-  USER_DOMAIN_WILDCARD_EVENT: "user-domain-wildcard-events",
-  USER_IP_WILDCARD_EVENT: "user-ip-wildcard-events",
+  USER_EVENT: "user-evaluations",
+  USER_DOMAIN_WILDCARD_EVENT: "user-domain-wildcard-evaluations",
+  USER_IP_WILDCARD_EVENT: "user-ip-wildcard-evaluations",
 });
 
 export const Classifications = Object.freeze({

diff --git a/integrations/malware_tools_analyzers/Dockerfile b/integrations/malware_tools_analyzers/Dockerfile
@@ -60,10 +60,12 @@ RUN if [[ $TARGETARCH == "amd64" ]]; then \
 # Build guelfo's PEFrame
 WORKDIR ${PROJECT_PATH}/peframe
 COPY requirements/peframe-requirements.txt ./
+# peframe-ds 6.1.0 uses array.tostring() which was removed in Python 3.9+, patch it after install
 RUN python3 -m venv venv \
     && . venv/bin/activate \
     && pip3 install --no-cache-dir --upgrade pip \
-    && pip3 install --no-cache-dir -r peframe-requirements.txt --no-cache-dir
+    && pip3 install --no-cache-dir -r peframe-requirements.txt --no-cache-dir \
+    && sed -i 's/\.tostring()/\.tobytes()/g' venv/lib/python3.*/site-packages/peframe/modules/features.py
 
 # Install guelfo's artifacts
 # there is no version management on this project so we just pull the most recent changes

diff --git a/issues_latest.json b/issues_latest.json
@@ -0,0 +1,41 @@
+[
+  {
+    "number": 3653,
+    "title": "[BUG] job_pipeline task does not set job's final status on exception jobs get stuck in RUNNING forever",
+    "url": "https://github.com/intelowlproject/IntelOwl/issues/3653",
+    "labels": [
+      "bug"
+    ]
+  },
+  {
+    "number": 3647,
+    "title": "[Bug] HudsonRock analyzer crashes when GENERIC observable is not an email",
+    "url": "https://github.com/intelowlproject/IntelOwl/issues/3647",
+    "labels": [
+      "bug"
+    ]
+  },
+  {
+    "number": 3639,
+    "title": "Race condition in Job creation causes data loss",
+    "url": "https://github.com/intelowlproject/IntelOwl/issues/3639",
+    "labels": [
+      "bug"
+    ]
+  },
+  {
+    "number": 3623,
+    "title": "Cross-organization data leakage in plugin_state_viewer endpoint",
+    "url": "https://github.com/intelowlproject/IntelOwl/issues/3623",
+    "labels": []
+  },
+  {
+    "number": 3622,
+    "title": "History artifacts tabs are broken",
+    "url": "https://github.com/intelowlproject/IntelOwl/issues/3622",
+    "labels": [
+      "bug",
+      "frontend"
+    ]
+  }
+]
diff --git a/tests/api_app/analyzers_manager/unit_tests/observable_analyzers/test_greynoise_labs.py b/tests/api_app/analyzers_manager/unit_tests/observable_analyzers/test_greynoise_labs.py
diff --git a/tests/api_app/analyzers_manager/unit_tests/observable_analyzers/test_hudsonrock.py b/tests/api_app/analyzers_manager/unit_tests/observable_analyzers/test_hudsonrock.py
@@ -1,3 +1,4 @@
+from api_app.analyzers_manager.exceptions import AnalyzerConfigurationException
 from api_app.analyzers_manager.observable_analyzers.hudsonrock import HudsonRock
 from tests.api_app.analyzers_manager.unit_tests.observable_analyzers.base_test_class import (
     BaseAnalyzerTest,
@@ -37,3 +38,11 @@ def get_mocked_response():
                 200,
             ),
         )
+
+    def test_invalid_generic_raises_exception(self):
+        config = self.get_extra_config()
+        config["observable_name"] = "johndoe123"
+
+        analyzer = self.analyzer_class(**config)
+        with self.assertRaises(AnalyzerConfigurationException):
+            analyzer.run()