SonicWall Wednesday disclosed a zero-day vulnerability impacting its SMA1000 access platform that is under active exploitation via chained attacks. CVE-2025-40602 is a medium-severity local privilege escalation vulnerability in SonicWall’s SMA1000 …
Tag:
SonicWall
Safety & Security
SonicWall VPNs face a breach of their own after the September cloud-backup fallout
by David Walker
Huntress’ new discovery, however, points to a separate, credential-driven campaign. Starting around October 4, Huntress observed mass logins into SonicWall SSLVPN devices from attacker-controlled IPs – one notably traced to …
Safety & Security
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
by David Walker
Aug 02, 2025Ravie LakshmananVulnerability / Zero Day SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late …