Inc Ransomware Exploits SonicWall SMA Zero-Days
When chained together, the two vulnerabilities allow threat actors to gain root-level capabilities on SonicWall's mobile access appliances.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
When chained together, the two vulnerabilities allow threat actors to gain root-level capabilities on SonicWall's mobile access appliances.
A newly discovered, critical zero-day vulnerability is under attack; a Qilin ransomware affiliate has been blamed for at least one incident.
Ransomware and vendor breaches persist. The "2026 Data Breach Investigations Report" (DBIR) highlights how evolving social engineering tactics make the sector more vulnerable.
Microsoft says the financially motivated cybercrime group has exploited n-day and zero-day vulnerabilities in campaigns predicated on speed.
The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before it was publicly disclosed.
The ransomware group breached SmarterTools through a vulnerability in the company's own SmarterMail product.
Researchers discovered a newly disclosed vulnerable driver embedded in Black Basta's ransomware, illustrating the increasing popularity of the defense-evasion technique.
Ransomware groups target enterprises during off-hours, weekends, and holidays when security teams are stretched thin and response times lag.
The infamous Clop gang has targeted a wide range of Oracle E-Business Suite customers using a newly disclosed zero-day vulnerability.
Akira ransomware actors are currently targeting SonicWall firewall customers vulnerable to a bug discovered last year.
By weaponizing the ThrottleStop.sys driver, attackers are disrupting antivirus and endpoint detection and response (EDR) systems.
Researchers highlight how Warlock, a new ransomware heavyweight, uses its sophisticated capabilities to target on-premises SharePoint instances.
A threat actor with likely links to the Abyss ransomware group is leveraging an apparent zero-day vulnerability to deploy the "Overstep" backdoor on fully up-to-date appliances.
Transportation facilities and networks slowly adapt to changes and threats, leaving them vulnerable to agile cyberattackers, as demonstrated by the $10 million ransomware attack.
CISA this week added CVE-2025-24472 to its catalog of known exploited vulnerabilities, citing ransomware activity targeting the authentication bypass flaw.
Until C-level executives fully understand potential threats and implement effective mitigation strategies, healthcare organizations will remain vulnerable and at risk of disruption.
CISA has added CE-2024-40766 to its known exploited vulnerabilities catalog.
An RCE vulnerability that affects the Web scripting language on Windows systems is easy to exploit and can provide a broad attack surface.
The business intelligence servers contain vulnerabilities that Qlik patched last year, but which Cactus actors have been exploiting since November. Swathes of organizations have not yet been patched.
An emerging actor is the latest to deploy a tactic that terminates AV processes and services before deploying its payload; the campaign is part of a bigger "bring your own vulnerable driver" trend.