Sophos Firewall v21.5 is now available

Blog

Byadmblake June 2, 2025

New innovations and top-requested features

Blog

Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

The U.K. National Cyber Security Centre (NCSC) has revealed that threat actors have exploited the recently disclosed security flaws impacting Cisco firewalls as part of zero-day attacks to deliver previously undocumented malware families like RayInitiator and LINE VIPER. “The RayInitiator and LINE VIPER malware represent a significant evolution on that used in the previous campaign,…

Read More Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware
Blog

U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues

The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns. The development was first reported by Axios. The decision, according to the House Chief Administrative Officer (CAO), was motivated by worries about the app’s security. “The Office of Cybersecurity has deemed WhatsApp a high-risk to…

Read More U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues
Blog

Interlock Ransomware Attack

An active Interlock ransomware campaign is exploiting a critical vulnerability (CVE-2026-20131) in Cisco Secure Firewall Management Center (FMC), enabling unauthenticated remote code execution as root. The campaign combines edge-device exploitation, custom malware tooling, and double extortion tactics, indicating a mature and targeted ransomware operation.

Read More Interlock Ransomware Attack
Blog

New PCI DSS Rules Say Merchants on Hook for Compliance, Not Providers

Merchants and retailers will now face penalties for not being compliant with PCI DSS 4.0.1, and the increased security standards make it clear they cannot transfer compliance responsibility to third-party service providers.

Read More New PCI DSS Rules Say Merchants on Hook for Compliance, Not Providers
Blog

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Another week in cybersecurity. Another week of “you’ve got to be kidding me.” Attackers were busy. Defenders were busy. And somewhere in the middle, a whole lot of people had a very bad Monday morning. That’s kind of just how it goes now. The good news? There were some actual wins this week. Real ones….

Read More ⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware
Blog

Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach

Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928 but emphasized there is no evidence of unauthorized data access. “This activity has affected a small number of customers we have in common with Microsoft, and we are working with those customers to provide…

Read More Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach

Related