-
Sonicwall warns of new SMA1000 zero-day exploited in attacks
SonicWall warned customers today to patch a vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC) that was chained in zero-day attacks to escalate privileges.
- December 17, 2025
- 12:44 PM
0
-
New wave of VPN login attempts targets Palo Alto GlobalProtect portals
A campaign has been observed targeting Palo Alto GlobalProtect portals with login attempts and launching scanning activity against SonicWall SonicOS API endpoints.
- December 06, 2025
- 10:18 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Marquis data breach impacts over 74 US banks, credit unions
Financial software provider Marquis Software Solutions is warning that it suffered a data breach that impacted dozens of banks and credit unions across the US.
- December 03, 2025
- 05:06 PM
- 1
-
New SonicWall SonicOS flaw allows hackers to crash firewalls
American cybersecurity company SonicWall urged customers today to patch a high-severity SonicOS SSLVPN security flaw that can allow attackers to crash vulnerable firewalls.
- November 20, 2025
- 10:56 AM
- 0
-
SonicWall says state-sponsored hackers behind September security breach
SonicWall's investigation into the September security breach that exposed customers' firewall configuration backup files concludes that state-sponsored hackers were behind the attack.
- November 05, 2025
- 12:13 PM
- 1
-
SonicWall VPN accounts breached using stolen creds in widespread attacks
Researchers warn that threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen, valid credentials.
- October 13, 2025
- 11:58 AM
- 0
-
SonicWall: Firewall configs stolen for all cloud backup customers
SonicWall has confirmed that all customers that used the company's cloud backup service are affected by the security breach last month.
- October 09, 2025
- 10:13 AM
- 4
-
Akira ransomware breaching MFA-protected SonicWall VPN accounts
Ongoing Akira ransomware attacks targeting SonicWall SSL VPN devices continue to evolve, with the threat actors found to be successfully logging in despite OTP MFA being enabled on accounts. Researchers suspect that this may be achieved through the use of previously stolen OTP seeds, although the exact method remains unconfirmed.
- September 28, 2025
- 02:49 PM
- 0
-
SonicWall releases SMA100 firmware update to wipe rootkit malware
SonicWall has released a firmware update that can help customers remove rootkit malware deployed in attacks targeting SMA 100 series devices.
- September 23, 2025
- 09:15 AM
- 1
-
SonicWall warns customers to reset credentials after breach
SonicWall warned customers today to reset credentials after their firewall configuration backup files were exposed in a security breach that impacted MySonicWall accounts.
- September 17, 2025
- 12:23 PM
- 3
-
Akira ransomware exploiting critical SonicWall SSLVPN bug again
The Akira ransomware gang is actively exploiting CVE-2024-40766, a year-old critical-severity access control vulnerability, to gain unauthorized access to SonicWall devices.
- September 11, 2025
- 12:32 PM
- 0
-
SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw
SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older vulnerability rather than a zero-day flaw.
- August 07, 2025
- 11:27 AM
- 0
-
Akira ransomware abuses CPU tuning tool to disable Microsoft Defender
Akira ransomware is abusing a legitimate Intel CPU tuning driver to turn off Microsoft Defender in attacks from security tools and EDRs running on target machines.
- August 06, 2025
- 04:15 PM
- 0
-
SonicWall urges admins to disable SSLVPN amid rising attacks
SonicWall has warned customers to disable SSLVPN services due to ransomware gangs potentially exploiting an unknown security vulnerability in SonicWall Gen 7 firewalls to breach networks over the past few weeks.
- August 05, 2025
- 07:28 AM
- 1
-
SonicWall firewall devices hit in surge of Akira ransomware attacks
SonicWall firewall devices have been increasingly targeted since late July in a surge of Akira ransomware attacks, potentially exploiting a previously unknown security vulnerability, according to cybersecurity company Arctic Wolf.
- August 01, 2025
- 01:28 PM
- 4
-
SonicWall urges admins to patch critical RCE flaw in SMA 100 devices
SonicWall urges customers to patch SMA 100 series appliances against a critical authenticated arbitrary file upload vulnerability that can let attackers gain remote code execution.
- July 24, 2025
- 07:17 AM
- 0
-
SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware
A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported SonicWall Secure Mobile Access appliances.
- July 16, 2025
- 11:33 AM
- 0
-
SonicWall warns of trojanized NetExtender stealing VPN logins
SonicWall is warning customers that threat actors are distributing a trojanized version of its NetExtender SSL VPN client used to steal VPN credentials.
- June 24, 2025
- 04:36 PM
- 0
-
SonicWall urges admins to patch VPN flaw exploited in attacks
SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks
- May 08, 2025
- 07:19 AM
- 0
-
SonicWall warns of more VPN flaws exploited in attacks
Cybersecurity company SonicWall has warned customers that two older vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks.
- April 30, 2025
- 01:23 PM
- 0
