Active Exploitation of Possible SonicWall SSL VPN Vulnerability Leading to Ransomware Deployment

SonicWall has released an advisory regarding a malicious campaign targeting Gen 7 SonicWall firewalls through a possible zero-day vulnerability in the SSL VPN, which is being actively exploited to deploy ransomware. According to security researchers from Arctic Wolf and Huntress, threat actors have successfully compromised accounts even in environments with MFA enabled. Additionally, some fully

Critical Vulnerability in On-Premise SharePoint Servers (CVE-2025-53770)

Microsoft has released an official guide to mitigate ongoing attacks targeting a zero-day vulnerability in on-premises SharePoint Servers; SharePoint Online in Microsoft 365 is not impacted. Security researchers from Eye Security shared their findings that this vulnerability, tracked as CVE-2025-53770, is a variant of CVE-2025-49706, which Microsoft already addressed in the July 2025 Patch

HazyBeacon Backdoor Observed in Attacks Against Southeast Asian Government Agencies

A malicious campaign attributed to the group “CL-STA-1020” has been observed targeting government agencies in Southeast Asia, leveraging a previously undocumented Windows backdoor, dubbed HazyBeacon. According to a security researcher from Unit 42, “This backdoor leverages a novel C2 technique in which the backdoor establishes C2 communication via AWS Lambda URLs.” Additionally, the motive behind

Microsoft Releases June 2025 Patch Tuesday Security Updates

Microsoft has released its June 2025 Patch Tuesday security updates, addressing multiple vulnerabilities across its products, including one that has been detected as exploited in the wild. Tracked as CVE-2025-33053, it is a vulnerability in WebDAV that could allow an unauthorized attacker to execute code over a network. A security researcher from Check Point Research has uncovered

ShadowPad and PurpleHaze: Cyberespionage Campaigns Targeting Government and Global Industries

SentinelLabs of SentinelOne has observed and defended against a malicious campaign targeting public sector organizations and global industries, including their own organization. Based on the official blog post, 6 activities have been observed and attributed to the PurpleHaze and ShadowPad activity clusters.

A. Nature of Malicious Campaign

ShadowPad Cluster

SentinelLabs has