The Hacker News
Cybersecurity company Huntress on Friday warned of "widespread compromise" of SonicWall SSL VPN devices to access multiple customer environments.
"Threat actors are authenticating into multiple accounts rapidly across compromised devices," it said . "The speed and scale of these attacks imply that the attackers appear to control valid credentials rather than brute-forcing."
A significant chunk of the activity is said to have commenced on October 4, 2025, with more than 100 SonicWall SSL VPN accounts across 16 customer accounts having been impacted. In the cases investigated by Huntress, authentications on the SonicWall devices originated from the IP address 202.155.8[.]73.
The company noted that in some instances, the threat actors did not engage in further adversarial actions in the
Local News in South Carolina
Reuters US Business
New York Post
WWSB
Cover Media
Law & Crime
Live 5 News Crime
IMDb Movies
Daily Kos