Akira ransomware exploiting critical SonicWall SSLVPN bug again

2025-09-11

The Akira ransomware gang is actively exploiting CVE-2024-40766, a year-old critical-severity access control vulnerability, to gain unauthorized access to SonicWall devices. [...]

The Akira ransomware gang is actively exploiting CVE-2024-40766, a year-old critical-severity access control vulnerability, to gain unauthorized access to SonicWall devices.

The hackers are leverging the security issue to gain access to target networks via unpatched SonicWall SSL VPN endpoints.

Source: https://www.bleepingcomputer.com/news/security/akira-ransomware-exploiting-critical-sonicwall-sslvpn-bug-again/