Inc Ransomware Exploits SonicWall SMA Zero-Days
When chained together, the two vulnerabilities allow threat actors to gain root-level capabilities on SonicWall's mobile access appliances.
Mobile security covers threats to smartphones and tablets, including malicious apps, data theft, account compromise, and insecure wireless connections.
Search across headline titles and summaries.
Background for this topic.
Mobile security covers the protection of smartphones, tablets, and closely related handheld devices, including their operating systems, applications, wireless connections, and stored data. These devices combine personal and business information with cellular, Wi‑Fi, Bluetooth, and location services, and often provide access to cloud and corporate systems.
Material risks include malicious or over-privileged applications, phishing and fraudulent authentication prompts, unpatched operating-system or baseband vulnerabilities, and exposure after a device is lost or stolen. Security teams typically reduce these risks through timely updates, approved application sources, encryption, strong screen locks and phishing-resistant authentication where supported, and mobile-device management that enforces policy and can remove access or wipe business data. Application permissions and device telemetry also require privacy controls, particularly when personal and corporate data share the same device. Mobile vulnerability disclosures and incidents may require checking device models, operating-system versions, applications, and management coverage rather than treating all mobile devices as equivalent.
Weekly headline count for the current query.
When chained together, the two vulnerabilities allow threat actors to gain root-level capabilities on SonicWall's mobile access appliances.
SonicWall warns of active attacks exploiting two SMA 1000 zero-days, including a flaw enabling arbitrary command execution. SonicWall confirmed the active exploitation of two zero-day vulnerabilities affecting Secure Mobile Access (SMA) 1000 appliances. The vulnerabilities were internally discovered and reported by Adam Babis of the company’s PSIRT. The company investigated multiple incidents indicating these vulnerabilities […]
SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution
A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device repeatedly hacked with the notorious Pegasus spyware while serving on a committee that was tasked with investigating the abuse of such commercial surveillance tools in the bloc
Anthropic appears to be testing Claude Cowork support on mobile, allowing you to manage long-running Claude tasks from your phone. [...]
It’s Monday again
Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and North Africa by employing various fraudulent Facebook accounts impersonating politicians, public figures, and trusted organizations
Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways. [...]
Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity flaw that enables remote attackers to execute code with root privileges. [...]
Check Point says a critical vulnerability in its Remote Access VPN and Mobile Access solutions has been exploited by Qilin
CISA has ordered U.S. government agencies to secure their Check Point Remote Access VPN and Mobile Access deployments against a critical vulnerability exploited in zero-day attacks by Qilin ransomware affiliates. [...]
Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol
Israeli cybersecurity company Check Point has released security updates to patch a critical flaw affecting Remote Access VPN and Mobile Access deployments, which was exploited in zero-day attacks. [...]
Russia’s FSB claims foreign intelligence planted malware on senior officials’ phones to intercept calls and activate cameras. No technical evidence, no country named. On June 2, 2026, Russia’s Federal Security Service (FSB) published a statement claiming it had uncovered and documented a large-scale foreign intelligence operation targeting the mobile devices of senior Russian officials. The […]
Google fixed 124 Android flaws, including CVE-2025-48595, an actively exploited privilege escalation bug linked to targeted attacks. Google has released its June 2026 Android security updates, fixing 124 vulnerabilities across the mobile operating system. One flaw, tracked as CVE-2025-48595 (CVSS score of 8.4) stands out from the rest because it is already being exploited in […]
FSB claims large-scale snoop op compromised phones of senior officials, but gives no technical evidence to back allegations
The Pentagon confirmed adversaries are using commercial location data to track U.S. troops, exposing risks tied to smartphones and ad-tech networks. For years, security researchers, privacy advocates, and intelligence analysts have been warning about the same thing: smartphone location data isn’t just an advertising product. It’s surveillance infrastructure that anyone with enough money can access. […]
Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, to carry out malicious attacks
Dutch authorities seized 200 servers running a 17-million-device botnet linked to proxy service Asocks. Dutch authorities have taken offline a massive botnet of at least 17 million devices and seized more than 200 servers at a local provider that supported the operation. Infected devices included computers, tablets, and smartphones. The action was carried out following […]
Dutch authorities seized 200 servers running a 17-million-device botnet linked to proxy service Asocks. Dutch authorities have taken offline a massive botnet of at least 17 million devices and seized more than 200 servers at a local provider that supported the operation. Infected devices included computers, tablets, and smartphones. The action was carried out following […]