See every side of every news story
Published loading...Updated

SonicWall Urges Admins to Disable SSLVPN Amid Rising Attacks

GLOBAL, AUG 5 – SonicWall warns customers to disable SSL VPN services after at least 20 ransomware attacks exploiting a likely zero-day vulnerability bypassed multifactor authentication, impacting fully patched devices.

  • SonicWall on August 5, 2025, urged investigation into a potential zero-day after a surge in Akira ransomware attacks targeting Gen 7 firewalls with SSLVPN enabled.
  • Arctic Wolf Labs reported on Friday that it observed multiple Akira ransomware attacks since July 15th, and Huntress confirmed on Monday with indicators of compromise.
  • Evidence shows Arctic Wolf Labs reported Akira ransomware targeting fully patched SonicWall SSLVPNs, suggesting a potential zero-day exploit.
  • The advisory urged SonicWall to disable SSLVPN services when practical, restrict access to trusted IPs, enable Botnet Protection and Geo-IP Filtering, enforce MFA, and remove unused accounts.
  • Regulatory bodies may scrutinize how vendors disclose and remediate potential zero-day vulnerabilities, as this incident underscores escalating risks for enterprise network security tools.
Insights by Ground AI
Does this summary seem wrong?

16 Articles

Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

The Hacker News broke the news in on Tuesday, August 5, 2025.
Sources are mostly out of (0)

Similar News Topics