Akira ransomware is actively exploiting vulnerabilities in SonicWall devices, including an unpatched SSLVPN flaw and default user group risks, to gain initial access. Attackers escalate privileges, exfiltrate data, and deploy ransomware at the hypervisor level, highlighting the need for robust vulnerability management. This campaign demonstrates a focused effort on targeting edge devices.
Latest mentioned: 09-11
Earliest mentioned: 09-10