SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild. The vulnerabilities in question are listed below – CVE-2023-44221 (CVSS score: 7.2) – Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to […]
Author Archives: Onsite Computing, Inc.
The China-linked cyber-operations group, better known as Lotus Panda, uses its own custom malware to focus on government agencies and private companies in Hong Kong, the Philippines, Taiwan, and Vietnam. Go to Source Author: Robert Lemos, Contributing Writer
A China-aligned APT threat actor named “TheWizards” abuses an IPv6 networking feature to launch adversary-in-the-middle (AitM) attacks that hijack software updates to install Windows malware. […] Go to Source Author: Lawrence Abrams
The chat infrastructure and data-leak site of the notorious ransomware-as-a-service group has been inactive since March 31, according to security vendors. Go to Source Author: Jai Vijayan, Contributing Writer
Jen Easterly, former director of CISA, discussed the first 100 days of the second Trump administration and criticized the president’s “mandate for loyalty” during a panel at RSAC 2025. Go to Source Author: Alexander Culafi, Senior News Writer, Dark Reading
A new malware campaign targeting WordPress sites employs a malicious plugin disguised as a security tool to trick users into installing and trusting it. […] Go to Source Author: Bill Toulas
While nation-state actors are demonstrating how easily they can infiltrate US networks, government officials don’t seem to have a clear vision for what comes next. Go to Source Author: Becky Bracken
A SLAAC-spoofing, adversary-in-the-middle campaign is hiding the WizardNet backdoor malware inside updates for legitimate software and popular applications. Go to Source Author: Tara Seals
WhatsApp has announced the introduction of ‘Private Processing,’ a new technology that enables users to utilize advanced AI features by offloading tasks to privacy-preserving cloud servers. […] Go to Source Author: Bill Toulas
Cybersecurity company SonicWall has warned customers that several vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks. […] Go to Source Author: Sergiu Gatlan