Inc Ransomware Exploits SonicWall SMA Zero-Days
When chained together, the two vulnerabilities allow threat actors to gain root-level capabilities on SonicWall's mobile access appliances.
Stay informed on the latest exploit trends and vulnerabilities. Get expert insights and updates on information security exploits with our dedicated tag.
Search across headline titles and summaries.
Background for this topic.
An exploit is code, data, or a sequence of actions that uses a software, hardware, or configuration vulnerability to produce unintended behavior. Depending on the flaw and the attacker’s access, it may enable unauthorized code execution, privilege escalation, information disclosure, or denial of service. Exploitation can occur remotely through exposed services, web applications, or client software, or locally after an attacker gains limited access.
Exploitation matters because a vulnerability becomes an active attack path when the required conditions are reachable and exploitable. Defenders should inventory affected assets, prioritize remediation when exploitation is known or credible, apply patches or vendor mitigations, and reduce exposure through access controls, segmentation, and secure configuration. Monitoring for exploit-specific indicators—such as abnormal requests, unexpected processes, or privilege changes—supports detection; systems suspected of successful exploitation require containment and investigation for follow-on access.
When chained together, the two vulnerabilities allow threat actors to gain root-level capabilities on SonicWall's mobile access appliances.
A security researcher using the "Nightmare Eclipse" handle has released a Windows zero-day exploit dubbed LegacyHive that allows attackers to escalate privileges on up-to-date Windows systems. [...]
Also: AscendEX Shuts Down; Ethereum Foundation on AI Bug HuntingThis week, Ostium paused trading, AscendEX shut down, Ethereum said AI hastens bug hunting, not verification, the United States charged an inmate over seized transfer, ex-Sheriff's deputy jailed for extortion, Tangem card security, Iran-linked wallets sanctions and the U.S. may drop BitClub charges.
LegacyHive Is a Local Privilege Escalation BugThe vulnerability hunter in a feud with Microsoft released yet another Windows zero-day Tuesday as promised, though the touted "bone-shattering" disclosure was stripped down to prevent public exploitation. LegacyHive, exploits a profile-loading race condition to access another user's registry hive.
Certo Software warns that the capability, designed for convenience, can easily be used to spy on online activity. The post Security researchers find stalkers abusing Chrome’s sync feature appeared first on CyberScoop.
Email attacks overtook exploits as the top ransomware root cause last year. Multifactor authentication (MFA) was deployed in 97% of credential-based attacks but failed to prevent compromise.
Researchers said the vulnerabilities, which attackers are chaining together, were first exploited three weeks before the vendor disclosed and patched the defects. The post SonicWall customers under threat as attackers exploit 2 zero-days appeared first on CyberScoop.
LegacyHive PoC exposes a Windows Privilege Escalation flaw affecting fully patched Windows desktop and server systems. Just hours after Microsoft’s July 2026 Patch Tuesday, security researcher Nightmare Eclipse, also known as Chaotic Eclipse, published a new Windows zero-day proof-of-concept called LegacyHive. This time, the target is the Windows User Profile Service (ProfSvc), and unlike the […]
When combined with another exploit, the "PromptFiction" vulnerability, which has been fixed, could have enabled an end-to-end attack on a targeted system.
Mozilla has released updates to address two critical flaws in Firefox for which it warned that exploit code has been published
Simple age-old bugs give bad actors access to developers' secrets and source code-rich environments.
Progress has restored access to its ShareFile Storage Zones Controller after a four-day suspension triggered by a credible external security threat
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse) has released a new proof-of-concept (PoC) exploit called LegacyHive
SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution
Many vulnerabilities cannot be safely validated with live exploits, either because no exploit exists or the affected systems are too critical to test. Picus explains how TTP chaining helps organizations determine exploitability by validating the attack techniques an exploit depends on, without launching the exploit itself. [...]
Researchers at Jamf Threat Labs detail CrashStealer, which steals passwords, cryptocurrency wallets and more