Threat Actors Exploiting SonicWall Firewalls to Deploy Akira Ransomware Using Malicious Logins

A new wave of cyberattacks targeting organizations using SonicWall firewalls has been actively deploying Akira ransomware since late July 2025. Security researchers at Arctic Wolf Labs detected a surge in this activity, which remains ongoing. Threat actors are gaining initial access through malicious SSL VPN logins, successfully bypassing multi-factor authentication (MFA), and then rapidly moving […]

The post Threat Actors Exploiting SonicWall Firewalls to Deploy Akira Ransomware Using Malicious Logins appeared first on Cyber Security News.