Top 5 this week

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign

The ROI Problem in Attack Surface Management

How To Browse Faster and Get More Done Using Adapt Browser

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances

| CYBERSECURITY |

Admin User

December 30, 2025

SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances — Image credit:
The Hacker News

A security vulnerability in Secure Mobile Access (SMA) 100 series appliances has been fixed by SonicWall. Tracked as CVE-2025-40602, the vulnerability relates to a local privilege escalation case. The vulnerability has been added to the Known Exploited Vulnerabilities catalog by the U.S.

Cybersecurity and Infrastructure Security Agency (CISA). According to CISA, in order to secure their networks, Federal Civilian Executive Branch (FCEB) agencies must implement the fixes by December 24,

2025.

As part of a campaign aimed at dropping a backdoor known as OVERSTEP, Google announced back in July that it was monitoring a cluster called UNC6148 that was targeting fully patched end-of-life SonicWall SMA 100 series devices. As of right now, it's unclear whether these actions are connected to the UNC6 148 campaign.

CYBER ATTACK CYBERSECURITY DATA BREACH VULNERABILITY