Qilin Ransomware Exploits Check Point VPN Zero-Day Since Early May
CVE-2026-50751 allows unauthenticated VPN access via IKEv1 certificate validation flaw. CISA gave federal agencies three days to patch after linking attacks to ransomware affiliate.
9 articles tagged with "Vpn"
CVE-2026-50751 allows unauthenticated VPN access via IKEv1 certificate validation flaw. CISA gave federal agencies three days to patch after linking attacks to ransomware affiliate.
WatchTowr Labs published technical details and exploit code for CVE-2026-50751, the auth bypass flaw already used by Qilin ransomware. TCP 443 bypass works too.
CVE-2026-0257 lets attackers forge VPN cookies to access internal networks without credentials. CISA adds to KEV after Rapid7 confirms exploitation since May 17. Federal deadline June 19.
CVE-2024-12802 lets attackers bypass MFA on SonicWall Gen6 VPNs even after patching. Ransomware operators actively exploiting incomplete fixes. Gen6 reached EOL April 16.
Microsoft exposes Storm-2561 campaign using SEO manipulation to distribute fake Cisco, Fortinet, and Ivanti VPN clients that steal enterprise credentials.
A ransomware operation has compromised multiple US educational institutions using stolen VPN credentials. The education sector represents 80% of known victims.
A threat actor called RedTeam is selling a $1,500 credential-stuffing tool with built-in scanning, proxy rotation, and multi-protocol support aimed at enterprise VPN infrastructure.
CVE-2025-40602 privilege escalation flaw combined with earlier vulnerability enables unauthenticated remote code execution on SonicWall appliances.
Critical out-of-bounds write vulnerability in WatchGuard Firebox firewalls under active exploitation with over 125,000 devices exposed online.