In a startling development that underscores the relentless evolution of cyber threats, the Akira ransomware group has been actively exploiting vulnerabilities in SonicWall SSL VPN appliances, even targeting devices that are fully patched. This campaign, which surged in late July, has compromised numerous organizations, raising alarms about a potential zero-day flaw that bypasses existing security...Read More
A leading mobile device insurance and service network has initiated insolvency proceedings in the wake of a cyberattack. Germany’s Einhaus Group was targeted by hackers in March 2023 and is understood to have paid a ransom(ware) fee of around $230,000 at the time, according to Wa.de and Golem.de (machine translations). However, the once large and...Read More
A significant security breach within the Qilin ransomware operation has provided unprecedented insight into the group’s affiliate network structure and operational methods. On July 31, 2025, internal conflicts between the ransomware group and one of its affiliates led to the public exposure of sensitive operational details, marking a rare glimpse into the inner workings of...Read More
A suspected zero-day vulnerability in SonicWall firewall devices that the Akira ransomware group is actively exploiting. The flaw allows attackers to gain initial access to corporate networks through SonicWall’s SSL VPN feature, leading to subsequent ransomware deployment. In late July 2025, security researchers observed a significant increase in ransomware attacks leveraging SonicWall devices. The evidence...Read More
Cybersecurity firm Arctic Wolf has identified a significant increase in ransomware attacks targeting SonicWall firewall devices in late July 2025, with evidence pointing to the exploitation of a previously unknown zero-day vulnerability. The company’s investigation revealed multiple coordinated attacks using SonicWall SSL VPNs as the initial access point, raising serious concerns about the security of...Read More
Ransomware attacks cripple government services across Dutch Caribbean islands | NL Times Skip to main content Source link .........................Read More
Because the scale of ransomware has become so significant, the Government’s move is a good one – though not necessarily because it will deter the criminals, reckon experts. “The proposed ban on public sector bodies paying ransoms is not surprising,” says Gareth Oldale, partner and head of data privacy and cybersecurity at law firm TLT....Read More
Aug 02, 2025Ravie LakshmananVulnerability / Zero Day SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025. “In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs,”...Read More
A new ransomware threat has emerged as one of the most aggressive cybercriminal operations of 2025, with SafePay ransomware claiming responsibility for over 265 successful attacks spanning multiple continents. The group, which first appeared in September 2024 with limited activity targeting just over 20 victims, has dramatically escalated its operations since early 2025, establishing itself...Read More
In late July 2025, Arctic Wolf observed an increase in ransomware activity targeting SonicWall firewall devices for initial access. In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs. While credential access through brute force, dictionary attacks, and credential stuffing have not...Read More
