Vulnerabilities: Zyxel Firewall Vulnerability Again in Attacker Crosshairs
GreyNoise warns of a spike in exploitation attempts targeting a two-year-old vulnerability in Zyxel firewalls.
Ionut Arghire, June 17, 2025

Vulnerabilities: Radware Says Recently Disclosed WAF Bypasses Were Patched in 2023
The Radware Cloud WAF product vulnerabilities disclosed by CERT/CC were addressed two years ago.
Eduard Kovacs, May 13, 2025

Vulnerabilities: Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls
Palo Alto Networks is warning customers that a second vulnerability patched in February is being exploited in attacks.
Eduard Kovacs, February 21, 2025

Vulnerabilities: Palo Alto Networks Confirms Exploitation of Firewall Vulnerability
Palo Alto Networks has confirmed that a recently patched firewall vulnerability tracked as CVE-2025-0108 is being actively exploited.
Eduard Kovacs, February 18, 2025

Vulnerabilities: SonicWall Firewall Vulnerability Exploited After PoC Publication
The exploitation of a recent SonicWall vulnerability has started shortly after proof-of-concept (PoC) code was published.
Ionut Arghire, February 14, 2025

Vulnerabilities: Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure
Attempts to exploit CVE-2024-0108, an authentication bypass vulnerability in Palo Alto firewalls, started one day after disclosure.
Eduard Kovacs, February 14, 2025

Vulnerabilities: Palo Alto Networks Patches Potentially Serious Firewall Vulnerability
Palo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability.
Eduard Kovacs, February 13, 2025

Data Breaches: Data From 15,000 Fortinet Firewalls Leaked by Hackers
Hackers have leaked 15,000 Fortinet firewall configurations, which were apparently obtained as a result of exploitation of CVE-2022-40684.
Eduard Kovacs, January 16, 2025

Vulnerabilities: GFI KerioControl Firewall Vulnerability Exploited in the Wild
Threat actors are exploiting a recent GFI KerioControl firewall vulnerability that leads to remote code execution.
Ionut Arghire, January 9, 2025

Vulnerabilities: Palo Alto Networks Patches Firewall Zero-Day Exploited for DoS Attacks
Palo Alto Networks has patched CVE-2024-3393, a vulnerability that has been exploited for DoS attacks against the company’s firewalls.
Eduard Kovacs, December 30, 2024

Vulnerabilities: Sophos Patches Critical Firewall Vulnerabilities
Sophos has released patches for a critical-severity firewall vulnerability that could lead to remote code execution.
Ionut Arghire, December 23, 2024

Tracking & Law Enforcement: US Charges, Sanctions Chinese Man Accused of Sophos Firewall Hacking
The US government announced charges, sanctions and a reward for Guan Tianfeng, a Chinese national accused of involvement in Sophos firewall hacks.
Eduard Kovacs, December 11, 2024

Vulnerabilities: CISA Warns of Zyxel Firewall Vulnerability Exploited in Attacks
A second vulnerability in Zyxel firewalls has been exploited in Helldown ransomware attacks over the past weeks.
Ionut Arghire, December 4, 2024

Malware & Threats: 2,000 Palo Alto Firewalls Compromised via New Vulnerabilities
The number of internet-exposed Palo Alto firewalls is dropping, but 2,000 have been compromised, according to Shadowserver Foundation.
Eduard Kovacs, November 21, 2024

Vulnerabilities: Palo Alto Networks Confirms New Firewall Zero-Day Exploitation
Palo Alto Networks has confirmed that a zero-day is being exploited in attacks after investigating claims of a firewall remote code execution flaw.
Eduard Kovacs, November 15, 2024

Nation-State: FBI Seeking Information on Chinese Hackers Targeting Sophos Firewalls
The FBI is asking for information on the Chinese threat actors targeting Sophos edge devices to compromise private and government entities.
Ionut Arghire, November 4, 2024

Vulnerabilities: Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild
SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild.
Eduard Kovacs, September 6, 2024

Malware & Threats: State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls
A state-sponsored threat actor has been exploiting a zero-day in Palo Alto Networks firewalls for the past two weeks.
Ionut Arghire, April 12, 2024

Vulnerabilities: Palo Alto Networks Warns of Exploited Firewall Vulnerability
Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls.
Ionut Arghire, April 12, 2024

Network Security: Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices
Zyxel patches at least 15 security flaws that expose users to authentication bypass, command injection and denial-of-service attacks.
Ryan Naraine, November 30, 2023