Sophos Firewall v21 MR1 is now available
It’s a fully supported upgrade from v21, v20, v19.5 and v19.0.
It’s a fully supported upgrade from v21, v20, v19.5 and v19.0.
Related
Palo Alto PAN-OS Authentication Bypass
What is the Vulnerability? A recent authentication bypass vulnerability (CVE-2025-0108) in the Palo Alto Networks PAN-OS software is under active exploitation as has been added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog. Successful exploitation of CVE-2025-0108 enables an unauthenticated attacker with network access to the management web interface to bypass the authentication required by the…
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure
As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. “We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure,” VulnCheck said in a report shared…
Pandas Galore: Chinese Hackers Boost Attacks in Latin America
Vixen Panda, Aquatic Panda — both Beijing-sponsored APTs and financially motivated criminal groups continued to pose the biggest threat to organizations in Central and South America last year, says CrowdStrike.
eSIM Bug in Millions of Phones Enables Spying, Takeover
eSIMs around the world may be fundamentally vulnerable to physical and network attacks because of a 6-year-old Oracle vulnerability in technology that underlies billions of cards.
CVE-2022-22718 on CISA’s Known Exploited Vulnerabilities Catalog
FortiGuard Labs is aware that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-22718 to the Known Exploited Vulnerabilities Catalog. CVE-2022-24481 is a local privilege escalation vulnerability in the Windows Print Spooler and affects multiple versions of Windows OS. Microsoft issued a patch for the vulnerability as part of the February 2022 Patch…
Salt Typhoon Exploits Cisco Devices in Telco Infrastructure
The China-sponsored state espionage group has exploited known, older bugs in Cisco gear for successful cyber intrusions on six continents in the past two months.