> TritonInfoSec News
Home / May 22, 2026 / Story
0
#7 BleepingComputer general May 20, 2026 at 21:19 UTC

Hackers bypass SonicWall VPN MFA due to incomplete patching

By Bill Toulas

AI Summary

Threat actors exploited incomplete patching on SonicWall Gen6 SSL-VPN appliances to brute-force VPN credentials and bypass multi-factor authentication, subsequently deploying ransomware tools. The attacks highlight a critical operational gap: organizations that applied partial patches remained vulnerable to MFA bypass, enabling full ransomware deployment chains. Security teams managing SonicWall Gen6 appliances should verify complete patch application and audit VPN authentication logs.

Read full article → https://www.bleepingcomputer.com/news/security/hac…

Relevance score: 77.0/100

# More from May 22

  1. 1
    GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension The Hacker News
  2. 2
    Microsoft Warns of Two Actively Exploited Defender Vulnerabilities The Hacker News
  3. 3
    9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros The Hacker News
  4. 4
    Max severity Cisco Secure Workload flaw gives Site Admin privileges BleepingComputer
  5. 5
    Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks The Hacker News
  6. 6
    Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada Krebs on Security
  7. 8
    Chinese hackers target telcos with new Linux, Windows malware BleepingComputer
  8. 9
    European authorities take down prolific cybercrime VPN service CyberScoop
  9. 10
    7-Eleven confirms breach after ShinyHunters claims The Record