{"vulnerability": "CVE-2024-40766", "sightings": [{"uuid": "e74843d7-8515-43de-b190-fd4d76c3ec69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "MISP/aaf97b2c-ad16-4ce6-928a-a440112d0fd3", "content": "", "creation_timestamp": "2024-09-16T19:13:31.000000Z"}, {"uuid": "f35ead4d-4a34-4642-bf6e-01ade1d18b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-09-20T18:10:03.000000Z"}, {"uuid": "d41ba2ee-ed74-4080-bc9d-c8af3ea87c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lf4ro6oim22m", "content": "", "creation_timestamp": "2025-01-07T04:09:12.530334Z"}, {"uuid": "2d0c3f2e-ba92-4700-8fd3-8cb39a3c5a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lf5acq2c552l", "content": "", "creation_timestamp": "2025-01-07T08:31:14.047387Z"}, {"uuid": "e12938e9-1740-4bba-b4b2-d91762d058db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/neroqc.bsky.social/post/3lfb4ikpgss2v", "content": "", "creation_timestamp": "2025-01-08T21:33:37.490861Z"}, {"uuid": "d2989ef5-4a75-452e-ad38-ed204ba9d3a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3leegz5z6zr2h", "content": "", "creation_timestamp": "2024-12-28T11:54:36.314501Z"}, {"uuid": "42f0daab-8cda-48b9-9501-6b429f5e41ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3lksk7jsovd2u", "content": "", "creation_timestamp": "2025-03-20T11:00:16.960483Z"}, {"uuid": "cd0b0beb-606a-4d9b-8eef-bd62648091fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:59.000000Z"}, {"uuid": "04ef6da6-0663-49cd-a41d-67f7d51cc1f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "MISP/41b2f5bb-a728-5d60-ac2f-cbb9fb1ecad9", "content": "", "creation_timestamp": "2025-10-13T11:11:18.000000Z"}, {"uuid": "976032f8-d4e8-4fdb-b33c-42ff49496f2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://www.cert.at/de/warnungen/2025/8/erhohte-bedrohungsaktivitat-gegen-sonicwall-gen-7-firewalls-mit-sslvpn-sofortmassnahmen-empfohlen", "content": "", "creation_timestamp": "2025-08-05T08:53:46.000000Z"}, {"uuid": "5b04d619-59e2-47b5-9b3d-328085f82a5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://infosec.exchange/users/dfncert/statuses/114986704982128308", "content": "", "creation_timestamp": "2025-08-07T09:11:16.801122Z"}, {"uuid": "1e196bb1-ffb1-41d8-aca2-ee05c264d9cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/bsi.bund.de/post/3lvspsf3zx22a", "content": "", "creation_timestamp": "2025-08-07T12:17:27.040598Z"}, {"uuid": "4399d82b-cc56-4b70-8044-abb9e0260718", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/114987562028774683", "content": "", "creation_timestamp": "2025-08-07T12:49:14.210192Z"}, {"uuid": "9eccc3e1-16cb-417b-b44f-2e9f4b4266b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3lvsrlhlm7k2a", "content": "", "creation_timestamp": "2025-08-07T12:49:22.100108Z"}, {"uuid": "10be9fc8-bf03-4afa-b014-e54c8849da58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://thehackernews.com/2025/08/sonicwall-confirms-patched.html", "content": "", "creation_timestamp": "2025-08-07T08:32:00.000000Z"}, {"uuid": "4f9b3c71-0bef-456f-ae8f-ec25a3c7a0e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lvt2r5kpot2k", "content": "", "creation_timestamp": "2025-08-07T15:33:36.533644Z"}, {"uuid": "1b7ff6b0-e5c0-44b1-97d0-21f69524fa45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lvt4lylles23", "content": "", "creation_timestamp": "2025-08-07T16:06:32.066140Z"}, {"uuid": "47febf2c-4d65-4999-ad20-818bd6dd5349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/jgreig.bsky.social/post/3lvtiqamekc2o", "content": "", "creation_timestamp": "2025-08-07T19:43:40.139878Z"}, {"uuid": "11737727-1b42-47b3-8af7-96ca059c2fbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lvu7cg6fmv2u", "content": "", "creation_timestamp": "2025-08-08T02:27:30.507074Z"}, {"uuid": "96c49dfd-617b-4aa7-aa22-c08d46548029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lvuayjv4g22h", "content": "", "creation_timestamp": "2025-08-08T02:57:49.730344Z"}, {"uuid": "d5ffed02-cdba-4b4a-88fb-85f10b278d16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lvuc3wt2fc2h", "content": "", "creation_timestamp": "2025-08-08T03:17:36.021898Z"}, {"uuid": "928bb9ad-e1f2-43f5-a932-860ea3fff42b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lvudf7nlos2h", "content": "", "creation_timestamp": "2025-08-08T03:40:42.217459Z"}, {"uuid": "8f173493-92c7-4a50-97c2-d38b911da644", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lvuth733no2n", "content": "", "creation_timestamp": "2025-08-08T08:28:06.008974Z"}, {"uuid": "148429fb-0985-4d83-a272-d8fbf68fd399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/114993286671148714", "content": "", "creation_timestamp": "2025-08-08T13:05:06.855591Z"}, {"uuid": "010e1a4a-03c7-4c91-ad45-870da242fa28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://threatintel.cc/2025/08/08/ssl-vpn-vulnerability-impacting-gen.html", "content": "", "creation_timestamp": "2025-08-08T11:05:11.000000Z"}, {"uuid": "f95d9793-a348-48cc-9fde-86544461142c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3m2bwbmgkrs2x", "content": "", "creation_timestamp": "2025-10-03T11:04:09.712212Z"}, {"uuid": "8daf2998-89c2-4c64-983a-fdb335bdc261", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3m2bwbpvz6s2x", "content": "", "creation_timestamp": "2025-10-03T11:04:10.236748Z"}, {"uuid": "c72b2f4e-f7d4-41f9-99e4-dbd4f120224e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/devcentral.bsky.social/post/3lz2gxjvthc2s", "content": "", "creation_timestamp": "2025-09-17T18:16:08.292810Z"}, {"uuid": "0b6cb7f1-f7d1-4971-a78b-3d712a0cf748", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://infosec.exchange/users/decio/statuses/115310858693528158", "content": "", "creation_timestamp": "2025-10-03T15:07:49.891935Z"}, {"uuid": "6978af5d-ded4-460a-8072-a48b89896e05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lytkofyyu22z", "content": "", "creation_timestamp": "2025-09-15T00:34:00.537266Z"}, {"uuid": "5ebc9c2d-dacd-4427-8baf-3ea5f5b5477b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-40766", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3m2cp7veuuv2g", "content": "", "creation_timestamp": "2025-10-03T18:30:28.317434Z"}, {"uuid": "d0296c4c-1573-4e79-8b20-3735bba2cb13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3lyjfu2wcjp25", "content": "", "creation_timestamp": "2025-09-10T23:41:02.715712Z"}, {"uuid": "9eef0502-6f52-4b27-80e6-4b2a80f292a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/cybelangel.bsky.social/post/3lyuhbsd3vs26", "content": "", "creation_timestamp": "2025-09-15T09:05:56.763574Z"}, {"uuid": "2e6515b3-8f24-47fa-9883-ada28ff5ff8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3lzxx6kjhft2w", "content": "", "creation_timestamp": "2025-09-29T11:53:36.285338Z"}, {"uuid": "0edebaf7-1eca-4ce3-8c16-f7a60450f0c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://threatintel.cc/2025/09/29/akira-ransomware-bypasses-mfa-on.html", "content": "", "creation_timestamp": "2025-09-29T09:15:27.000000Z"}, {"uuid": "304724fb-382a-4afc-876e-1e0937811f9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/blackfog.com/post/3lzy7gckggx25", "content": "", "creation_timestamp": "2025-09-29T14:21:07.155643Z"}, {"uuid": "909732da-af65-4722-9865-65109bd44ea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://cyberplace.social/users/GossiTheDog/statuses/115344943934432392", "content": "", "creation_timestamp": "2025-10-09T15:36:27.412678Z"}, {"uuid": "bb694b9c-8468-4afc-bb59-5d47c3cc6548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-40766", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3lyk2zwnzfo2x", "content": "", "creation_timestamp": "2025-09-11T06:00:08.354373Z"}, {"uuid": "c217337a-64d8-47e1-a448-d992ce3fd788", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lzyfacas3y2x", "content": "", "creation_timestamp": "2025-09-29T16:05:08.105577Z"}, {"uuid": "df6736a4-8085-4447-b5d6-210fe5ddcc2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/redsiege.com/post/3lzythhiies2v", "content": "", "creation_timestamp": "2025-09-29T20:19:42.959890Z"}, {"uuid": "76cd19f5-8803-4155-bffb-8aa08c7e51e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3lwmnjwnu7a2q", "content": "", "creation_timestamp": "2025-08-17T19:46:08.956848Z"}, {"uuid": "f80fac30-041a-4fdf-94dc-12af5648d3b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:32.000000Z"}, {"uuid": "1a90c364-1816-4686-8347-e980e3b06e1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-40766", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lykomfikt5n2", "content": "", "creation_timestamp": "2025-09-11T11:52:44.223365Z"}, {"uuid": "c90fac42-1c1a-41a2-821e-46513929a2e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lykqk2oopm2f", "content": "", "creation_timestamp": "2025-09-11T12:24:57.832497Z"}, {"uuid": "35977e7f-6663-4d2e-8de5-5a4e0ade48db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115350969051297083", "content": "", "creation_timestamp": "2025-10-10T17:08:26.200853Z"}, {"uuid": "3810d398-18cd-488d-bb63-145877d76132", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lykztaox542k", "content": "", "creation_timestamp": "2025-09-11T15:11:11.132755Z"}, {"uuid": "7eeaf919-cdbb-460e-af4c-045bbdaaff96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3lyl6f2u6u525", "content": "", "creation_timestamp": "2025-09-11T16:32:42.327018Z"}, {"uuid": "e205eca1-4138-4571-b45a-2b5853d37bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "MISP/c9834322-1956-45b0-9709-84cb2d0eddd5", "content": "", "creation_timestamp": "2025-09-22T12:23:10.000000Z"}, {"uuid": "dd8372e7-ea79-4074-a397-2203aeeaa3c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/infosecindustry.bsky.social/post/3lyl6z3yr5b2s", "content": "", "creation_timestamp": "2025-09-11T16:43:54.906485Z"}, {"uuid": "37d38de0-7a79-443f-89cd-3878fa228979", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lzizbfvqus2g", "content": "", "creation_timestamp": "2025-09-23T13:21:07.875930Z"}, {"uuid": "83a211eb-8b30-4182-abb9-8ed4086f1882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3m22mvbzyes22", "content": "", "creation_timestamp": "2025-09-30T13:27:30.435594Z"}, {"uuid": "2d987c33-22c7-4d05-a804-8f6e970a98ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:03.000000Z"}, {"uuid": "190a6431-5507-41a5-9ab9-c41f1967c2df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/ransomwaresommelier.com/post/3lylhh25bw227", "content": "", "creation_timestamp": "2025-09-11T19:14:52.451204Z"}, {"uuid": "d1f18108-255a-4153-8f37-d76fc9377266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-40766", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3m23gab35p72e", "content": "", "creation_timestamp": "2025-09-30T21:00:58.736711Z"}, {"uuid": "5ceef18d-1234-4e93-80be-4800002d859b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lym6kvfkq32d", "content": "", "creation_timestamp": "2025-09-12T02:08:38.227414Z"}, {"uuid": "f0f29d40-af21-4bc4-aa33-6f3c9bfbf411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3m23mc6xsmk2b", "content": "", "creation_timestamp": "2025-09-30T22:49:30.607502Z"}, {"uuid": "03d7e041-8231-4114-9bcc-864d5312d2e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://gist.github.com/Darkcrai86/47379bbc236221e3897f1ce8efc4411f", "content": "", "creation_timestamp": "2025-09-12T06:21:24.000000Z"}, {"uuid": "c9700b9d-1044-4489-be74-433c1c3ea98e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/mbissey.bsky.social/post/3lymnoghw5t2d", "content": "", "creation_timestamp": "2025-09-12T06:39:04.145698Z"}, {"uuid": "d9af9cf8-100a-429b-a94d-2615f77dce73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-b09ebdbf-49ce2daf7174e42b", "content": "", "creation_timestamp": "2025-11-19T15:51:50.496250Z"}, {"uuid": "494e86ce-6594-4322-b6ba-9e6da6f46eab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115627378412537386", "content": "", "creation_timestamp": "2025-11-28T12:42:57.502747Z"}, {"uuid": "2970cba4-7494-44e5-acf3-6a21e98a5aec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3m335yzgz2c2y", "content": "", "creation_timestamp": "2025-10-13T11:59:02.699747Z"}, {"uuid": "edd95bed-2061-4788-92c7-e849a2690077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lyn6fgb3fgf2", "content": "", "creation_timestamp": "2025-09-12T11:41:41.322539Z"}, {"uuid": "4012e80a-a030-4f7c-b4f2-46059803a76f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://threatintel.cc/2025/11/28/akiras-sonicwall-exploits-are-disrupting.html", "content": "", "creation_timestamp": "2025-11-28T11:43:08.000000Z"}, {"uuid": "8707a953-b075-427d-aac8-859b955103b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3m335z53gn22y", "content": "", "creation_timestamp": "2025-10-13T11:59:03.499177Z"}, {"uuid": "bb2c4c66-0364-46d9-afaf-ea5330ec83b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3m335z53jks2y", "content": "", "creation_timestamp": "2025-10-13T11:59:04.316267Z"}, {"uuid": "a4eb8e91-ce7c-44b6-bd95-9ebf629f6a34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lynhy3u5p227", "content": "", "creation_timestamp": "2025-09-12T14:29:44.737669Z"}, {"uuid": "02e0c706-dac5-4efb-8055-913455083fd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://threatintel.cc/2025/09/12/akira-ransomware-crims-abusing-trifecta.html", "content": "", "creation_timestamp": "2025-09-12T11:49:41.000000Z"}, {"uuid": "40323e13-daba-43b2-a0aa-2d97cd7b6a82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lyntjtb34k27", "content": "", "creation_timestamp": "2025-09-12T17:56:30.650980Z"}, {"uuid": "46205e34-7233-4351-a32d-27eb8b009784", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lyo63j76d225", "content": "", "creation_timestamp": "2025-09-12T21:05:26.554907Z"}, {"uuid": "969a795f-a04c-498e-a869-dc9c06fd1538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lyo6gmpff225", "content": "", "creation_timestamp": "2025-09-12T21:11:43.599185Z"}, {"uuid": "621dc82d-0444-4fb6-b516-bca9c99c5724", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mfmnn63qfp2z", "content": "", "creation_timestamp": "2026-02-24T17:05:51.492162Z"}, {"uuid": "716b3682-ee21-4edc-a171-441b7f79a367", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_17/2025", "content": "", "creation_timestamp": "2025-08-06T05:36:39.000000Z"}, {"uuid": "d2cda3a6-0cfd-4e4b-8330-11a74fe598b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/01044f81-c94c-457c-ac75-a2864ed88968", "content": "", "creation_timestamp": "2026-02-02T12:26:29.719062Z"}, {"uuid": "3f8a794c-fee2-4126-84e8-2fa15adba94a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1358", "content": "", "creation_timestamp": "2024-08-23T04:00:00.000000Z"}, {"uuid": "8032547d-e918-45a7-b91f-1ef331b0e4d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_20/2024", "content": "", "creation_timestamp": "2024-09-09T12:53:15.000000Z"}, {"uuid": "fc3ce506-aa85-4a17-8b8a-a3446eed8231", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1607", "content": "", "creation_timestamp": "2025-08-07T04:00:00.000000Z"}, {"uuid": "484cdd61-dc20-4791-85bb-982a4189a2f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/S_E_Reborn/6053", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043d\u043e\u0432\u0443\u044e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u044c\u043d\u0443\u044e \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437 \u0432 3 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 (\u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u043f\u043e \u041f\u041a - \u0437\u0434\u0435\u0441\u044c, \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 - \u0437\u0434\u0435\u0441\u044c).\n\n\u0421\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u043f\u043e \u041f\u041a \u0432 \u0442\u0440\u0435\u0442\u044c\u0435\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c:\n\n- \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u041b\u041a \u043e\u0442\u0440\u0430\u0437\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 389 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0430\u0442\u0430\u043a \u0441 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432;\n\n- \u0432\u0435\u0431-\u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441 \u0441\u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043b \u043d\u0430 52 \u043c\u043b\u043d. \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0441\u044b\u043b\u043e\u043a;\n\n- \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0439 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043b \u0431\u043e\u043b\u0435\u0435 21 \u043c\u043b\u043d. \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043d\u0435\u0436\u0435\u043b\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432;\n\n- \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 2,2 \u0442\u044b\u0441\u044f\u0447\u0438 \u043d\u043e\u0432\u044b\u0445 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0439 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u043e\u0432;\n\n- \u043f\u043e\u0447\u0442\u0438 85 \u0442\u044b\u0441\u044f\u0447 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0438\u0441\u044c \u0441 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u043e\u0432;\n\n- 15% \u0432\u0441\u0435\u0445 \u0436\u0435\u0440\u0442\u0432 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u043e\u0432, \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u043d\u0430 DLS-\u0441\u0430\u0439\u0442\u0430\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a, \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u043e\u0442 Qilin;\n\n- \u0431\u043e\u043b\u0435\u0435 254 \u0442\u044b\u0441\u044f\u0447 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0438\u0441\u044c \u0441 \u043c\u0430\u0439\u043d\u0435\u0440\u0430\u043c\u0438.\n\n\u0418\u0437 \u0433\u043b\u0430\u0432\u043d\u044b\u0445 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u0439 \u0438 \u0441\u043e\u0431\u044b\u0442\u0438\u044f \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u044b \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435:\n\n1. \u0423\u0441\u043f\u0435\u0445\u0438 \u043f\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u0435\u0439:\n\n- NCA \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0430\u0442\u0430\u043a\u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u0430 \u0432\u043e \u043c\u043d\u043e\u0433\u0438\u0445 \u0435\u0432\u0440\u043e\u043f\u0435\u0439\u0441\u043a\u0438\u0445 \u0430\u044d\u0440\u043e\u043f\u043e\u0440\u0442\u0430\u0445 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2025 \u0430\u0440\u0435\u0441\u0442\u043e\u0432\u0430\u043b\u043e \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u0432\u0430\u0435\u043c\u043e\u0433\u043e.\n\n- \u041c\u0438\u043d\u044e\u0441\u0442 \u0421\u0428\u0410\u00a0\u043f\u0440\u0435\u0434\u044a\u044f\u0432\u0438\u043b \u043e\u0431\u0432\u0438\u043d\u0435\u043d\u0438\u044f\u00a0\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0443 \u0431\u0430\u043d\u0434 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 LockerGoga, MegaCortex \u0438 Nefilim.\n\n- \u0412\u043b\u0430\u0441\u0442\u0438 \u0421\u0428\u0410\u00a0\u0438\u0437\u044a\u044f\u043b\u0438\u00a0\u0430\u043a\u0442\u0438\u0432\u044b \u0438 \u043b\u044e\u043a\u0441\u043e\u0432\u044b\u0439 \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u044c \u0443 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430 Zeppelin.\n\n- \u0412 \u0445\u043e\u0434\u0435 \u043c\u0435\u0436\u0434\u0443\u043d\u0430\u0440\u043e\u0434\u043d\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043f\u043e\u0434 \u0444\u043b\u0430\u0433\u043e\u043c \u0424\u0411\u0420 \u0421\u0428\u0410 \u043b\u0438\u043a\u0432\u0438\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 BlackSuit.\n\n2. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0430\u0442\u0430\u043a\u0438:\n\n- \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438\u00a0\u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442\u00a0\u0440\u043e\u0441\u0442 \u0447\u0438\u0441\u043b\u0430 \u0430\u0442\u0430\u043a Akira \u043d\u0430 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u044d\u043a\u0440\u0430\u043d\u044b SonicWall \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 SSL VPN. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0435\u0442 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b \u0441 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 CVE-2024-40766.\n\n- Scattered Spider (UNC3944)\u00a0\u0430\u0442\u0430\u043a\u0443\u0435\u0442\u00a0\u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b VMware, \u0432\u044b\u0434\u0430\u0432\u0430\u044f \u0441\u0435\u0431\u044f \u0437\u0430 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438.\u00a0\n\n- \u0417\u0430\u043c\u0435\u0447\u0435\u043d\u044b\u00a0\u0430\u0442\u0430\u043a\u0438 \u043d\u0430 SharePoint-\u0441\u0435\u0440\u0432\u0435\u0440\u044b\u00a0\u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\u00a0ToolShell, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0432\u0448\u0438\u0435 \u0431\u043e\u043b\u0435\u0435 140 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \n\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c 4L4MD4R, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 \u043a\u043e\u0434\u0435 Mauri870.\n\n- \u0411\u0440\u0438\u0442\u0430\u043d\u0441\u043a\u0438\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e Claude\u00a0\u0441\u043e\u0437\u0434\u0430\u043b \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b\u00a0\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 RaaS.\n\n- \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0439 LLM-\u043c\u043e\u0434\u0435\u043b\u044c \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a\u0438, \u0438 \u0434\u0430\u043b\u0438 \u0435\u043c\u0443 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 PromptLock (\u043f\u043e\u0437\u0436\u0435 \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u0447\u0442\u043e PromptLock, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 \u0438\u0445 \u0443\u0447\u0435\u0431\u043d\u043e\u043c \u043f\u0440\u043e\u0435\u043a\u0442\u0435).\n\n3. \u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438:\n\n- \u041a\u0430\u043a \u0438 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435, \u0441\u0430\u043c\u043e\u0439 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0433\u0440\u0443\u043f\u043f\u0430 Qilin, \u0447\u044c\u044f \u0434\u043e\u043b\u044f \u0432\u044b\u0440\u043e\u0441\u043b\u0430 \u043d\u0430 1,89 \u043f. \u043f. \u0438 \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 14,96%.\n\n- \u0428\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a Clop \u0441\u043d\u0438\u0437\u0438\u043b \u0441\u0432\u043e\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u0430 \u0434\u043e\u043b\u044f Akira (10,02%) \u043d\u0435\u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u044b\u0440\u043e\u0441\u043b\u0430.\n\n- \u041d\u0430 \u0442\u0440\u0435\u0442\u044c\u0435 \u043c\u0435\u0441\u0442\u043e \u043f\u043e\u0434\u043d\u044f\u043b\u0430\u0441\u044c \u0433\u0440\u0443\u043f\u043f\u0430 INC Ransom (8,15%), \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0441 2023 \u0433\u043e\u0434\u0430.\n\n\u0427\u0442\u043e \u0432\u0430\u0436\u043d\u043e, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u0432 \u041b\u041a \u0432 \u0447\u0430\u0441\u0442\u0438 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0438 \u0431\u044b\u043b \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d \u043f\u043e\u0434\u0445\u043e\u0434 \u0432 \u043f\u043e\u0434\u0441\u0447\u0435\u0442\u0435 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Kaspersky Security Network. \u0418\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0441\u043d\u0443\u043b\u0438\u0441\u044c \u0432\u0441\u0435\u0445 \u0440\u0430\u0437\u0434\u0435\u043b\u043e\u0432 \u043e\u0442\u0447\u0435\u0442\u0430, \u043a\u0440\u043e\u043c\u0435 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0438 \u043f\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u0447\u043d\u044b\u043c \u043f\u0430\u043a\u0435\u0442\u0430\u043c, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u043d\u0438 \u043d\u0435 \u043f\u043e\u0432\u043b\u0438\u044f\u043b\u0438.\n\n\u0414\u043b\u044f \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0438 \u043c\u0435\u0436\u0434\u0443 \u043e\u0442\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u043f\u0435\u0440\u0438\u043e\u0434\u0430\u043c\u0438 \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u043f\u0435\u0440\u0435\u0441\u0447\u0438\u0442\u0430\u043d\u044b \u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u044b, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043b\u0438\u0447\u0430\u0442\u044c\u0441\u044f \u043e\u0442 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0440\u0430\u043d\u0435\u0435.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0442\u0440\u0435\u0442\u044c\u0435\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 2025 \u0433\u043e\u0434\u0430:\n\n- \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u043e 3,47 \u043c\u043b\u043d \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e, \u0440\u0435\u043a\u043b\u0430\u043c\u043d\u043e\u0433\u043e \u0438\u043b\u0438 \u043d\u0435\u0436\u0435\u043b\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u043e\u0433\u043e \u041f\u041e;\n\n- \u0441\u0440\u0435\u0434\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0434\u043b\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441\u0430\u043c\u043e\u0439 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u0441\u0442\u0430\u043b\u0438 \u0442\u0440\u043e\u044f\u043d\u0446\u044b\u00a0- \u0441 \u043d\u0438\u043c\u0438 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0438\u0441\u044c 15,78% \u043e\u0442 \u0432\u0441\u0435\u0445 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e;\n\n- \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 197 \u0442\u044b\u0441\u044f\u0447 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u0447\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445: 52\u00a0723 - \u043e\u0442\u043d\u043e\u0441\u0438\u043b\u0438\u0441\u044c \u043a \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u043c \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u0438\u043c \u0442\u0440\u043e\u044f\u043d\u0446\u0430\u043c, 1564 \u043f\u0430\u043a\u0435\u0442\u0430\u00a0- \u043a \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u043c \u0442\u0440\u043e\u044f\u043d\u0446\u0430\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f\u043c.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430, \u0440\u0430\u0437\u0431\u043e\u0440 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0442\u0440\u0435\u043d\u0434\u043e\u0432 \u0438 \u043c\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u0438\u043d\u0444\u044b - \u0432 \u043e\u0442\u0447\u0435\u0442\u0430\u0445 \u043f\u043e \u041f\u041a \u0438 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c (1 \u0438 2 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e).", "creation_timestamp": "2025-11-26T19:56:03.000000Z"}, {"uuid": "3411927d-1844-41b5-be41-f2d7cae0f367", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/thehackernews/7505", "content": "\ud83d\udea8 Akira ransomware is back \u2014 hammering SonicWall VPNs through a year-old flaw (CVE-2024-40766, CVSS 9.3).\n\nOne misstep in SonicWall\u2019s LDAP \u201cDefault User Group\u201d can hand attackers VPN + admin access the moment they steal a password.\n\nAkira has already hit 967 victims and is surging again.\n\nCheck your configs. Fix it now.\n\nDetails here \u2192 https://thehackernews.com/2025/09/sonicwall-ssl-vpn-flaw-and.html", "creation_timestamp": "2025-09-11T10:35:50.000000Z"}, {"uuid": "e990cf24-3534-434b-b809-9b62c5393538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/BleepingComputer/22936", "content": "\u200aAkira ransomware exploiting critical SonicWall SSLVPN bug again\n\nThe Akira ransomware gang is actively exploiting\u00a0CVE-2024-40766, a\u00a0year-old critical-severity access control vulnerability, to gain unauthorized access to SonicWall devices. [...]\n\nhttps://www.bleepingcomputer.com/news/security/akira-ransomware-exploiting-critical-sonicwall-sslvpn-bug-again/", "creation_timestamp": "2025-09-11T17:08:02.000000Z"}, {"uuid": "9983879d-5165-4c4e-aedf-00386dc9d593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/cibsecurity/86915", "content": "\ud83e\udd85 Australian Cyber Authorities Warn of Active Exploitation of SonicWall SSL Vulnerability (CVE-2024-40766) \ud83e\udd85\n\nCVE202440766 \" dataimagecaption\"\" datamediumfile\"httpscyble.comwpcontentuploads202509CVE202440766300x150.webp\" datalargefile\"httpscyble.comwpcontentuploads202509CVE202440766.webp\" title\"Australian Cyber Authorities Warn of Active Exploitation of SonicWall SSL Vulnerability CVE202440766\u00a0 1\"  The Australian Signals Directorates Australian Cyber Security Centre ASDs ACSC has issued an urgent warning following the active exploitation of a critical vulnerability affecting SonicWall SSL VPN appliances across Australia. The flaw, CVE202440766, is being leveraged by threat actors, including those deploying Akira ransomware, to gain unauthorized access to networks and, in some instances, cause firewall crashes.\u00a0   This vulnerability, first disclosed in August 2024 under advisory ID SNWLID2024001...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2025-09-11T15:39:57.000000Z"}, {"uuid": "26d7e9cc-3b24-46c5-91a5-0b37fd57eb73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://www.acn.gov.it/portale/w/akira-campagne-di-sfruttamento-sistematico-di-vulnerabilita-perimetrali-e-accessi-vpn", "content": "", "creation_timestamp": "2026-04-13T03:29:00.000000Z"}, {"uuid": "3fd7e25e-7076-4656-927d-5dd432c5c4d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/BleepingComputer/20918", "content": "\u200aFog ransomware targets SonicWall VPNs to breach corporate networks\n\nFog and Akira ransomware operators have increased their exploitation efforts of CVE-2024-40766, a critical access control flaw that allows unauthorized access to resources on the SSL VPN feature of SonicWall SonicOS firewalls. [...]\n\nhttps://www.bleepingcomputer.com/news/security/fog-ransomware-targets-sonicwall-vpns-to-breach-corporate-networks/", "creation_timestamp": "2024-10-27T21:49:45.000000Z"}, {"uuid": "3b4614ce-4a4e-4cbb-8b91-314b0a4e578e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/BleepingComputer/20629", "content": "\u200aSonicWall SSLVPN access control flaw is now exploited in attacks\n\nSonicWall is warning that a recently fixed access control flaw tracked as CVE-2024-40766\u00a0in SonicOS is now \"potentially\" exploited in attacks, urging admins to apply patches as soon as possible. [...]\n\nhttps://www.bleepingcomputer.com/news/security/sonicwall-sslvpn-access-control-flaw-is-now-exploited-in-attacks/", "creation_timestamp": "2024-09-06T13:37:01.000000Z"}, {"uuid": "c5f8f61a-b6b6-454c-89f0-4ac724abcbd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/thehackernews/7302", "content": "\ud83d\udea8 Attackers are hitting SonicWall firewalls again\u2014but it\u2019s not a new zero-day. \n\nTurns out, they\u2019re exploiting a known bug (CVE-2024-40766) and weak password hygiene. \n\nMigrating from Gen 6 to Gen 7 without resets? That\u2019s leaving doors wide open.\n\nFull details + what to fix \u2192 https://thehackernews.com/2025/08/sonicwall-confirms-patched.html", "creation_timestamp": "2025-08-07T11:07:38.000000Z"}, {"uuid": "f2353311-5f85-4585-943c-c9fb6e8e61f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/HackingInsights/12525", "content": "\u200aAkira Ransomware Exploits SonicWall SSLVPN Flaw (CVE-2024-40766)\n\nhttps://securityonline.info/akira-ransomware-exploits-sonicwall-sslvpn-flaw-cve-2024-40766/", "creation_timestamp": "2024-09-09T09:27:40.000000Z"}, {"uuid": "4ba6e01b-ee4c-418c-adb7-adb0af84c23d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/itsec_news/4693", "content": "\u200b\u26a1\ufe0f\u0421\u0440\u043e\u0447\u043d\u043e\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043e\u0442 CISA: \u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0443\u0436\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0434\u043e \u043a\u043e\u043d\u0446\u0430 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f\n\n\ud83d\udcac\u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0449\u0438\u0442\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0421\u0428\u0410 (CISA) \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u043e \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043e \u0442\u0440\u0451\u0445 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u042d\u0442\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0442 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0443 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0438 \u0441\u0438\u0441\u0442\u0435\u043c, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438 \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, CVE-2016-3714 (\u043e\u0446\u0435\u043d\u043a\u0430 \u043f\u043e CVSS: 8.4) \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f ImageMagick \u2014 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f\u043c\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0447\u0442\u043e \u0432\u0435\u0434\u0451\u0442 \u043a \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, CVE-2017-1000253 (\u043e\u0446\u0435\u043d\u043a\u0430 \u043f\u043e CVSS: 7.8), \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u044f\u0434\u0440\u0435 Linux. \u041e\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0441\u0442\u0435\u043a\u0430 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 load_elf_binary(). \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u0430\u0436\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c.\n\n\u0422\u0440\u0435\u0442\u044c\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, CVE-2024-40766 (\u043e\u0446\u0435\u043d\u043a\u0430 \u043f\u043e CVSS: 9.8) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 SonicWall SonicOS, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445. \u041e\u0448\u0438\u0431\u043a\u0430 \u0432 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0441\u0431\u043e\u0439 \u0432 \u0440\u0430\u0431\u043e\u0442\u0435 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430. \u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u0435\u0451 \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043d\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0441\u0435\u0442\u0438 \u043e\u0441\u0442\u0430\u0451\u0442\u0441\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c.\n\nCISA \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0441\u0440\u043e\u0447\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0438\u043b\u0438 \u043e\u0442\u043a\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u043e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u0441\u043e\u0444\u0442\u0430, \u0435\u0441\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442. \u0421\u0440\u043e\u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043c\u0435\u0440 \u2014 \u0434\u043e 30 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043c\u0435\u0440 \u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439. \u041e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435 \u043e\u0442\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u0432\u043e\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438 \u0438 \u0443\u0442\u0435\u0447\u043a\u0443 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-09-11T16:36:49.000000Z"}, {"uuid": "42093c1c-f2b1-4fc3-8506-b45de7f71f3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/true_secator/7438", "content": "WatchGuard \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u0435\u0435 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u044b Firebox.\n\nCVE-2025-9242 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e\u00a0\u0437\u0430\u043f\u0438\u0441\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u044b \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Fireware OS 11.x (EoL), 12.x \u0438 2025.1 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 12.3.1_Update3 (B722811), 12.5.13, 12.11.4 \u0438 2025.1.1.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u044b Firebox \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u044b \u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 IKEv2 VPN.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, WatchGuard \u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u0447\u0442\u043e \u043e\u043d\u0438 \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0442\u044c\u0441\u044f \u0440\u0438\u0441\u043a\u0443 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u044b.\n\nWatchGuard \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u041f\u041e, \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u043c \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0442\u0443\u043d\u043d\u0435\u043b\u0435\u0439 Branch Office VPN (BOVPN) \u043a \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043e\u0434\u043d\u043e\u0440\u0430\u043d\u0433\u043e\u0432\u044b\u043c \u0448\u043b\u044e\u0437\u0430\u043c.\n\n\u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043e\u0434\u043d\u043e\u0440\u0430\u043d\u0433\u043e\u0432\u044b\u0435 BOVPN, \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430 \u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u0442\u0440\u0430\u0444\u0438\u043a VPN (\u043a\u0430\u043a \u043e\u043f\u0438\u0441\u0430\u043d\u043e \u0432 \u044d\u0442\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435).\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043a\u0430 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u0441\u0451 \u0436\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0430\u043a\u0430\u0442\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0430 WatchGuard Firebox, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u0441\u0435\u0433\u0434\u0430 \u0441\u0447\u0438\u0442\u0430\u044e\u0442 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u044d\u043a\u0440\u0430\u043d\u044b \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e.\n\n\u0422\u0430\u043a, \u0431\u0430\u043d\u0434\u0430 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 Akira \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-40766, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0433\u043e\u0434 \u043d\u0430\u0437\u0430\u0434 \u0438 \u0438\u043c\u0435\u044e\u0449\u0443\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u0438,\u00a0\u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u043e\u0432 SonicWall.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e WatchGuard \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u0447\u0430\u0435\u0442 \u0441 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 17\u00a0000 \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0430\u043c\u0438 \u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438 \u0418\u0411-\u0443\u0441\u043b\u0443\u0433 \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0437\u0430\u0449\u0438\u0442\u0443 \u0441\u0435\u0442\u0435\u0439 \u0431\u043e\u043b\u0435\u0435 250\u00a0000 \u043c\u0430\u043b\u044b\u0445 \u0438 \u0441\u0440\u0435\u0434\u043d\u0438\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u0435 \u043d\u0435\u043f\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043c\u0435\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2025-09-18T16:46:05.000000Z"}, {"uuid": "b828cb90-7871-4b03-a85b-59cac15008e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/true_secator/7477", "content": "\u0412\u043a\u0440\u0430\u0442\u0446\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043c \u0442\u0430\u043a\u0436\u0435 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437\u044b:\n\n1. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 CyberOK \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 30\u00a0000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco \u043f\u043e \u0432\u0441\u0435\u0439 \u0420\u043e\u0441\u0441\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 0-day, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-20352.\n\n2. GitLab \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438\u00a0\u0434\u0435\u0441\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\u00a0\u0432 \u0441\u0432\u043e\u0435\u043c \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435.\n\n3. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Atlassian Jira Service Management Cloud, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u0440\u043e\u0441\u0443 \u043f\u0430\u0440\u043e\u043b\u044f \u043b\u044e\u0431\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438, \u0437\u0430 \u0447\u0442\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u0435 \u0432 \u0440\u0430\u0437\u043c\u0435\u0440\u0435 1500 \u0448\u0432\u0435\u0439\u0446\u0430\u0440\u0441\u043a\u0438\u0445 \u0444\u0440\u0430\u043d\u043a\u043e\u0432.\n\n4. \u0420\u043e\u0431\u043e\u0442\u044b-\u0433\u0443\u043c\u0430\u043d\u043e\u0438\u0434\u044b Unitree G1, \u043a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 IEEE Spectrum, \u0441\u043e\u0431\u0438\u0440\u0430\u044e\u0442 \u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0432 \u041a\u0438\u0442\u0430\u0439 \u0431\u0435\u0437 \u0432\u0435\u0434\u043e\u043c\u0430 \u0438 \u0441\u043e\u0433\u043b\u0430\u0441\u0438\u044f \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0433\u0440\u0443\u043f\u043f\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0432\u0448\u0438\u0445 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0440\u043e\u0431\u043e\u0442\u0430, \u0441\u0431\u043e\u0440 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u043a\u0430\u0436\u0434\u044b\u0435 \u043f\u044f\u0442\u044c \u043c\u0438\u043d\u0443\u0442. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, G1 \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 BLE.\n\n5. Positive Technologies \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0440\u044f\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0431\u0445\u043e\u0434 SQLi \u0438 MFA, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0445 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 PassOffice - \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u043e\u0439 \u0432 \u0420\u043e\u0441\u0441\u0438\u0438 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u0435\u0442\u0438\u0442\u0435\u043b\u044f\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0432 \u0431\u0438\u0437\u043d\u0435\u0441-\u0446\u0435\u043d\u0442\u0440\u0430\u0445.\n\n6. Broadcom \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u0434\u0432\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 VMware NSX, \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u043e \u0410\u041d\u0411 \u0421\u0428\u0410.\n\n\u041f\u0435\u0440\u0432\u0430\u044f CVE-2025-41251 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u043e\u043b\u044f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u044f\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0438\u043c\u0435\u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0431\u0440\u0443\u0442\u0435.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2025-41252) \u0442\u0430\u043a\u0436\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u0435\u043c \u0438\u043c\u0435\u043d \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0435\u0435 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u044f \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0438\u043c\u0435\u043d \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0435\u043f\u0440\u0430\u0432\u043e\u043c\u0435\u0440\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 SMTP (CVE-2025-41250) \u0432 VMware vCenter, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u043d\u0435\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0438 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f\u043c\u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u0434\u0430\u0447\u0438 \u0434\u043b\u044f \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u043c\u0438 \u043f\u0438\u0441\u044c\u043c\u0430\u043c\u0438 \u0441 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f\u043c\u0438, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u043c\u0438 \u0434\u043b\u044f \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u0434\u0430\u0447.\n\n7. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Tenable \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438\u00a0\u0442\u0440\u0438 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0435 \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 \u043f\u043e\u043c\u043e\u0449\u043d\u0438\u043a\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0418\u0418 Gemini \u043e\u0442 Google.\n\n\u0412\u0441\u0435 \u043e\u043d\u0438 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u043b\u0438 \u0432\u0435\u043a\u0442\u043e\u0440 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u0438\u0441\u043a\u043e\u0432\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0435\u0433\u043e \u043c\u043e\u0434\u0435\u043b\u044c \u043f\u0435\u0440\u0441\u043e\u043d\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e\u0438\u0441\u043a\u0430, \u0430\u0442\u0430\u043a \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 Gemini Cloud Assist, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043a\u0440\u0430\u0436\u0438 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e \u0435\u0433\u043e \u043c\u0435\u0441\u0442\u043e\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 Gemini Browsing Tool.\n\n8. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f CVE-2025-30247, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 Western Digital My Cloud \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 5.31.108 \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u0445 NAS, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 POST.\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n9. \u0412 Notepad++ v8.8.3 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 DLL (CVE-2025-56383), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 DLL-\u0444\u0430\u0439\u043b \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438 \u0434\u0435\u043b\u0430\u0435\u0442 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f RCE.\n\n10. \u0412 SonicWall SonicOS \u0437\u0430\u043a\u0440\u044b\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u0438, \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043a \u0441\u0431\u043e\u044e \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430.\n\nCVE-2024-40766 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 SonicWall Firewall Gen 5 \u0438 Gen 6, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Gen 7 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c SonicOS 7.0.1-5035 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0431\u0430\u043d\u0434\u043e\u0439 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 Akira, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0431\u0445\u043e\u0434\u0438\u043b\u0430 MFA \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u043e\u0434\u043d\u043e\u0440\u0430\u0437\u043e\u0432\u044b\u0445 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u043d\u0430 \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0445 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 SonicWall, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u043d\u044b\u0435 \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f OTP, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0435 \u0447\u0435\u0440\u0435\u0437 CVE-2024-40766.", "creation_timestamp": "2025-09-30T17:38:36.000000Z"}, {"uuid": "963363ef-5ccf-47a5-82c1-521a2d28b32a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/true_secator/7308", "content": "\u0412 SonicWall \u043f\u0440\u0438\u0448\u043b\u0438 \u043a \u0432\u044b\u0432\u043e\u0434\u0443, \u0447\u0442\u043e \u043d\u0438\u043a\u0430\u043a\u043e\u0439 0-day \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442, \u0430 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 Akira ransomware \u043d\u0430 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u044d\u043a\u0440\u0430\u043d\u044b Gen 7 \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c SSLVPN \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442\u0441\u044f \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e\u0434\u043d\u044e\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 CVE-2024-40766, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2024 \u0433\u043e\u0434\u0430 (\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0438 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 SNWLID-2024-0015).\n\nCVE\u20112024\u201140766 - \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c SSLVPN\u00a0\u0432 SonicOS, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0441\u0435\u0430\u043d\u0441\u044b \u0438\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a VPN \u0432 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u00a0\u0448\u0438\u0440\u043e\u043a\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u043e\u0441\u043b\u0435 \u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0433\u043e\u0434 \u043d\u0430\u0437\u0430\u0434, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435\u00a0 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438 Akira \u0438 Fog,\u00a0\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0435\u0435 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439.\n\n\u0412 \u043f\u044f\u0442\u043d\u0438\u0446\u0443 Arctic Wolf Labs \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043d\u0430\u043c\u0435\u043a\u043d\u0443\u043b\u0430 \u043d\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0435 0-day \u0432 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430\u0445 SonicWall Gen 7, \u0437\u0430\u043c\u0435\u0442\u0438\u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u0437\u0430\u043a\u043e\u043d\u043e\u043c\u0435\u0440\u043d\u043e\u0441\u0442\u0438 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 Akira.\n\nSonicWall \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 \u0442\u0435\u043a\u0443\u0449\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u0438\u00a0\u043f\u043e\u0441\u043e\u0432\u0435\u0442\u043e\u0432\u0430\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b SSL VPN, \u0442\u0430\u043a\u0436\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u043c\u0438 IP-\u0430\u0434\u0440\u0435\u0441\u0430\u043c\u0438, \u043f\u043e\u043a\u0430 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u043d\u0435 \u043f\u0440\u043e\u044f\u0441\u043d\u0438\u0442\u0441\u044f.\n\n\u041f\u043e\u0441\u043b\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0431\u043e\u043b\u0435\u0435 40 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0443\u0431\u0435\u0434\u0438\u043b\u0441\u044f \u0432 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043d\u0443\u043b\u0435\u0439 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u043f\u043e\u043b\u0430\u0433\u0430\u044f, \u0447\u0442\u043e Akira \u043d\u0430\u0446\u0435\u043f\u043b\u0435\u043d\u0430  \u043d\u0430 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0435 \u0442\u043e\u0447\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2024-40766 \u043f\u0440\u0438 \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0435 \u0441 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u043e\u0432 Gen 6 \u043d\u0430 Gen 7.\n\n\u041c\u043d\u043e\u0433\u0438\u0435 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043c\u0438\u0433\u0440\u0430\u0446\u0438\u0435\u0439 \u0441 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u043e\u0432 Gen 6 \u043d\u0430 Gen 7, \u043a\u043e\u0433\u0434\u0430 \u043f\u0430\u0440\u043e\u043b\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u0435\u0440\u0435\u043d\u043e\u0441\u0438\u043b\u0438\u0441\u044c \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043c\u0438\u0433\u0440\u0430\u0446\u0438\u0438 \u0438 \u043d\u0435 \u0441\u0431\u0440\u0430\u0441\u044b\u0432\u0430\u043b\u0438\u0441\u044c. \u0421\u0431\u0440\u043e\u0441 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u0431\u044b\u043b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u043c \u0448\u0430\u0433\u043e\u043c, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u043c \u0432 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0438.\n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c\u044b\u043c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435\u043c \u0441\u0435\u0439\u0447\u0430\u0441 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 7.3.0 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u043c\u0435\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u043d\u0430\u0434\u0435\u0436\u043d\u0443\u044e \u0437\u0430\u0449\u0438\u0442\u0443 \u043e\u0442 \u043f\u043e\u0434\u0431\u043e\u0440\u0430 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u0438 MFA, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0431\u0440\u043e\u0441 \u0432\u0441\u0435\u0445 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0442\u0435\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f SSLVPN.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043c\u043d\u043e\u0433\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0430 Reddit \u0432\u044b\u0440\u0430\u0437\u0438\u043b\u0438 \u0441\u043e\u043c\u043d\u0435\u043d\u0438\u044f \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430, \u0437\u0430\u044f\u0432\u043b\u044f\u044f \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0435 \u043f\u043e \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0430\u043c \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439.\n\n\u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435\u00a0\u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0435 \u0431\u044b\u043b\u043e \u0434\u043e \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0430 \u043d\u0430 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u044d\u043a\u0440\u0430\u043d\u044b Gen 7. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0441\u043e\u043e\u0431\u0449\u0430\u044f \u043e\u0431 \u043e\u0442\u043a\u0430\u0437\u0435 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b SonicWall \u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430\u0445 \u0438\u0445 \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0431\u0443\u0434\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c.", "creation_timestamp": "2025-08-07T16:58:15.000000Z"}, {"uuid": "4c84f4b1-f33e-4c69-88db-9ac16c4139a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/CyberBulletin/1196", "content": "\u26a1\ufe0fAkira Ransomware Exploit CVE-2024-40766 in SonicWall SonicOS.\n\n#CyberBulletin", "creation_timestamp": "2024-10-22T14:44:31.000000Z"}, {"uuid": "bd644190-94fd-4057-9727-9a2680deeeba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/HackingInsights/12481", "content": "\u200aSonicWall Confirms Critical CVE-2024-40766 Vulnerability Actively Exploited in the Wild\n\nhttps://securityonline.info/sonicwall-confirms-critical-cve-2024-40766-vulnerability-actively-exploited-in-the-wild/", "creation_timestamp": "2024-09-08T17:48:03.000000Z"}, {"uuid": "0687a082-47c8-4341-801d-8a21599767d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "Telegram/hlXgBIDEnwtDSd62eb2kH78HlDlGi4AQXmVnDu7v5GC5Kw", "content": "", "creation_timestamp": "2024-08-26T18:04:38.000000Z"}, {"uuid": "d8443818-5bfb-462e-8398-46b152e945b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/cvedetector/3978", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40766 - SonicWall Firewall Improper Access Control Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-40766 \nPublished : Aug. 23, 2024, 7:15 a.m. | 16\u00a0minutes ago \nDescription : An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T09:36:13.000000Z"}, {"uuid": "2a788e4a-b5f3-4acd-b8f1-7f59a9491bb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/CyberBulletin/569", "content": "\u26a1\ufe0fA SonicWall #vulnerability (CVE-2024-40766) is under active exploitation.\n\nThis critical flaw allows attackers to bypass access controls and potentially crash firewalls, compromising business operations. \n\n#CyberBulletin", "creation_timestamp": "2024-09-06T19:50:07.000000Z"}, {"uuid": "d855bedb-ce8f-4594-841b-81457f4543b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "Telegram/G6CDyfjpDANN7wxO8Xkxdhymlfh3nlYxw4Jw2YnfKWXzWQ", "content": "", "creation_timestamp": "2024-09-06T22:54:05.000000Z"}, {"uuid": "9db427a9-a9d2-484a-bec3-8c5f64068a64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/7019", "content": "1000\u2019s Of SonicWall Devices Remain Vulnerable To CVE-2024-40766 \u2013 gbhackers.com\n\nWed, 08 Jan 2025 15:37:49", "creation_timestamp": "2025-01-08T09:04:05.000000Z"}, {"uuid": "db3dda12-f13d-48ba-b6ac-d6dac0e94116", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/ViralCyber/5236", "content": "\ud83d\udd34 \u0647\u0634\u062f\u0627\u0631 \u067e\u0686 \u0646\u0642\u0635 \u0628\u062d\u0631\u0627\u0646\u06cc \u0641\u0627\u06cc\u0631\u0648\u0627\u0644\u200c\u0647\u0627\u06cc SonicWall \u0648 \u0627\u062d\u062a\u0645\u0627\u0644 \u0633\u0648\u0627\u0633\u062a\u0641\u0627\u062f\u0647\n\n\u0645\u062c\u0645\u0648\u0639\u0647 SonicWall \u0641\u0627\u0634 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u062a\u0627\u0632\u06af\u06cc \u06cc\u06a9 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0647\u0645 \u067e\u0686\u200c\u0634\u062f\u0647 \u06a9\u0647 \u0628\u0631 SonicOS \u062a\u0627\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f\u060c \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u062a\u062d\u062a \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0641\u0639\u0627\u0644 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647 \u0628\u0627\u0634\u062f \u0648 \u0636\u0631\u0648\u0631\u06cc \u0627\u0633\u062a \u06a9\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0627\u06cc\u0646 \u067e\u0686\u200c\u0647\u0627 \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u0646\u062f.\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u06a9\u0647 \u0628\u0627 \u0646\u0627\u0645 CVE-2024-40766 \u0631\u062f\u200c\u06cc\u0627\u0628\u06cc \u0645\u06cc\u200c\u0634\u0648\u062f\u060c \u062f\u0627\u0631\u0627\u06cc \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS 9.3 \u0627\u0632 \u062d\u062f\u0627\u06a9\u062b\u0631 10 \u0627\u0633\u062a.\n\n\u0645\u062c\u0645\u0648\u0639\u0647 SonicWall \u062f\u0631 \u062a\u0648\u0635\u06cc\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u062c\u062f\u06cc\u062f\u06cc \u06af\u0641\u062a: \u00ab\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u062f\u0631 \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a SonicWall SonicOS \u0648 SSLVPN \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u06a9\u0647 \u0628\u0637\u0648\u0631 \u0628\u0627\u0644\u0642\u0648\u0647 \u0645\u0646\u062c\u0631 \u0628\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u0628\u0647 \u0645\u0646\u0627\u0628\u0639 \u0648 \u062f\u0631 \u0634\u0631\u0627\u06cc\u0637 \u062e\u0627\u0635 \u0628\u0627\u0639\u062b \u0627\u0632 \u06a9\u0627\u0631 \u0627\u0641\u062a\u0627\u062f\u0646 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0645\u06cc\u200c\u0634\u0648\u062f\u00bb.\n\n\u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u0641\u0627\u0634 \u0646\u0645\u0648\u062f \u06a9\u0647 CVE-2024-40766 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0631 \u0648\u06cc\u0698\u06af\u06cc SSLVPN \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u062a\u0627\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0627\u0635\u0644\u0627\u062d\u200c\u0634\u062f\u0647 \u0634\u0627\u0645\u0644:\n\n\u2022 \u0646\u0633\u062e\u0647 SOHO (Gen 5 Firewalls) - 5.9.2.14-13o\n\u2022 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644\u200c\u0647\u0627\u06cc Gen 6 - 6.5.2.8-2n (\u0628\u0631\u0627\u06cc SM9800\u060c NSsp 12400\u060c \u0648 NSsp 12800) \u0648 6.5.4.15.116n\n\n#Cybersecurity #Cyber_Attack #SonicWall #Firewall #SOHO #SonicOS #SSLVPN #WAN #Patch #Vulnerability #\u0627\u0645\u0646\u06cc\u062a_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u062d\u0645\u0644\u0647_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u0633\u0648\u0646\u06cc\u06a9\u0648\u0627\u0644 #\u0641\u0627\u06cc\u0631\u0648\u0627\u0644\n\n\u0645\u0637\u0627\u0644\u0639\u0647 \u06a9\u0627\u0645\u0644 \u062e\u0628\u0631 \ud83d\udc49\n\n\ud83c\udd94 @Takianco\n\ud83c\uddee\ud83c\uddf7", "creation_timestamp": "2024-09-09T22:12:35.000000Z"}, {"uuid": "d3a3bf45-2136-4aef-8b1e-2b7dfbb24ebf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/nusantaraMYID/2024", "content": "1000\u2019s Of SonicWall Devices Remain Vulnerable To CVE-2024-40766 \u2013 gbhackers.com\n\nWed, 08 Jan 2025 15:37:49", "creation_timestamp": "2025-01-08T09:04:00.000000Z"}, {"uuid": "a2bf6c99-9871-42b7-8471-a78cd34303f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/HackingInsights/11496", "content": "\u200aSonicWall addressed an improper access control issue in its firewalls\n\nhttps://securityaffairs.com/167595/security/sonicwall-sonicos-cve-2024-40766.html", "creation_timestamp": "2024-08-29T09:08:07.000000Z"}, {"uuid": "b335be27-e6e0-45e4-a5bc-72153200d991", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/HackingInsights/11135", "content": "\u200aSonicWall Issues Urgent Patch for Critical Firewall Vulnerability (CVE-2024-40766)\n\nhttps://securityonline.info/sonicwall-issues-urgent-patch-for-critical-firewall-vulnerability-cve-2024-40766/", "creation_timestamp": "2024-08-24T09:50:28.000000Z"}, {"uuid": "13fa2234-05c2-4aec-82cc-3f4f39b7e419", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/HackingInsights/11472", "content": "\u200aSonicWall pushes patch for critical vulnerability in SonicOS platform\n\nhttps://cyberscoop.com/sonicwall-sonicos-firewall-cve-2024-40766/", "creation_timestamp": "2024-08-29T09:08:05.000000Z"}, {"uuid": "f593fbf0-cdfb-46c7-b364-9c05c72fc9dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/1186", "content": "1000\u2019s Of SonicWall Devices Remain Vulnerable To CVE-2024-40766 \u2013 gbhackers.com\n\nWed, 08 Jan 2025 15:37:49", "creation_timestamp": "2025-01-08T09:04:05.000000Z"}, {"uuid": "ad674d50-d2a8-4664-930f-e460383340ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "Telegram/g5RVM4LYYIrl9Z-4lUhJU10f3iF8fjjtPO-ynGngaOb0Lro", "content": "", "creation_timestamp": "2025-01-08T09:04:00.000000Z"}, {"uuid": "112d3cfc-3938-4133-9398-ec9c3f21131f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/19798", "content": "The Hacker News\nSonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation\n\nSonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible.\nThe vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10.\n\"An improper access control vulnerability has been identified in the SonicWall SonicOS management", "creation_timestamp": "2024-09-06T22:53:58.000000Z"}, {"uuid": "7673446d-66cb-4232-ab7a-08073bc9c155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/18813", "content": "The Hacker News\nSonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access\n\nSonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices.\nThe vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug.\n\"An improper access control vulnerability has been identified in the SonicWall SonicOS", "creation_timestamp": "2024-08-26T18:04:39.000000Z"}, {"uuid": "289414d2-c86b-485e-b0c1-30ecb9a504a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "Telegram/h0jMv0m592-fxxCV1TpQri13ELM8h1i9SCOUQH32-X7lUA", "content": "", "creation_timestamp": "2024-09-06T19:28:37.000000Z"}, {"uuid": "8da0dcff-74a3-46bd-9770-3f3c686489e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "Telegram/mA4PuNhi-jeIWssXQrDuUFWBrLL54PFHoFuQfJpwrVvxlQ", "content": "", "creation_timestamp": "2024-08-26T22:40:25.000000Z"}, {"uuid": "b6763eb9-cef9-44a1-ab43-addd8a41afd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3771", "content": "The Hacker News\nSonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access\n\nSonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices.\nThe vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug.\n\"An improper access control vulnerability has been identified in the SonicWall SonicOS", "creation_timestamp": "2024-08-26T18:04:39.000000Z"}, {"uuid": "aee4063d-6011-4167-b805-9c94a393840f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/3998", "content": "The Hacker News\nSonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation\n\nSonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible.\nThe vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10.\n\"An improper access control vulnerability has been identified in the SonicWall SonicOS management", "creation_timestamp": "2024-09-06T22:53:58.000000Z"}, {"uuid": "5ae20b9f-2358-4e05-94d7-85d90ab74991", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/KomunitiSiber/2467", "content": "SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access\nhttps://thehackernews.com/2024/08/sonicwall-issues-critical-patch-for.html\n\nSonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices.\nThe vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug.\n\"An improper access control vulnerability has been identified in the SonicWall SonicOS", "creation_timestamp": "2024-08-26T18:25:54.000000Z"}, {"uuid": "27512133-a20f-4396-9198-69244ced3571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/KomunitiSiber/2528", "content": "SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation\nhttps://thehackernews.com/2024/09/sonicwall-urges-users-to-patch-critical.html\n\nSonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible.\nThe vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10.\n\"An improper access control vulnerability has been identified in the SonicWall SonicOS management", "creation_timestamp": "2024-09-07T03:12:53.000000Z"}, {"uuid": "30fcd597-e31b-49bf-941c-c9ec37b56cae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/InfoSecInsider/24131", "content": "\u26a1\ufe0fAkira Ransomware Exploit CVE-2024-40766 in SonicWall SonicOS.\n\n#CyberBulletin", "creation_timestamp": "2024-10-22T15:06:23.000000Z"}, {"uuid": "9e4b9c8f-8e78-4dea-887e-106e2d71613e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/true_secator/6186", "content": "\u041f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043d\u0430 \u043d\u0435\u0434\u0435\u043b\u0435 - \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e. \n\n1. SonicWall \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0441\u0432\u043e\u0438 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u044b \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b VPN \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 CVE-2024-40766. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044e \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u043c.\n\nSonicWall \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u043a\u043e\u043d\u0446\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430.\n\n\u041e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u043a \u043f\u0430\u043d\u0435\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u043c.\n\n2. Fortinet \u0438\u0437\u0443\u0447\u0438\u043b\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u043d\u0430 GeoServer.\n\n\u0421\u0440\u0435\u0434\u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0445 \u0448\u0442\u0430\u043c\u043c\u043e\u0432: \u0440\u044f\u0434 \u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432, Condi, Mirai, SideWalk \u0438 GoReverse.\n\n3. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Sector7 \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u0432 \u0437\u0430\u0440\u044f\u0434\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0434\u043b\u044f \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043c\u043e\u0431\u0438\u043b\u0435\u0439 Autel MaxiCharger, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c.\n\n\u0411\u044d\u043a\u0434\u043e\u0440\u043e\u043c \u0432 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u044b\u0441\u0442\u0443\u043f\u0430\u0435\u0442 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0442\u043e\u043a\u0435\u043d \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0441\u043e\u043f\u0440\u044f\u0436\u0435\u043d\u0438\u044f Bluetooth, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0431\u044b\u043b \u0441\u043e\u0437\u0434\u0430\u043d \u043f\u0440\u0435\u0434\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e.\n\n4. Progress Software \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 LoadMaster \u0438 LoadMaster Multi-Tenant (MT) Hypervisor, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-7591 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0432\u043e\u0434\u0430 \u043d\u0430 \u043f\u0430\u043d\u0435\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u041e\u0421.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435, \u0430 \u0441\u0430\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443\u00a010 \u0438\u0437 10\u00a0\u0432 \u0432\u0438\u0434\u0443 \u043f\u0440\u043e\u0441\u0442\u043e\u0442\u044b \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u041d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u0430\u043b\u043e, \u043d\u043e, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043e\u0436\u0438\u0434\u0430\u044e\u0442\u0441\u044f.\n\n5. \u041d\u0435\u043c\u0435\u0446\u043a\u0430\u044f SySS \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 11 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u041f\u041e \u0432\u0438\u0434\u0435\u043e\u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f C-MOR, \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, XSS \u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0412 \u043a\u043e\u043d\u0446\u0435 \u0438\u044e\u043b\u044f C-MOR \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u0448\u0435\u0441\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a.\n\n6. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Theori \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 CVE-2024\u201327394, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u043d\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0432 \u044f\u0434\u0440\u0435 Linux \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n7. QNAP \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u0441\u0435\u043c\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0440\u044f\u0434\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432 \u0441\u0432\u043e\u0435\u043c \u041f\u041e.", "creation_timestamp": "2024-09-10T16:31:06.000000Z"}, {"uuid": "e2d80e11-3acd-4104-ab39-82c1b5682256", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/ctinow/225726", "content": "Fog and Akira ransomware attacks exploit SonicWall VPN flaw CVE-2024-40766\nhttps://ift.tt/HFml4Bn", "creation_timestamp": "2024-10-29T13:05:30.000000Z"}, {"uuid": "c1e84fd5-8cc0-4328-8620-a101ac296937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://t.me/information_security_channel/52793", "content": "SonicWall Patches Critical SonicOS Vulnerability\u00a0\nhttps://www.securityweek.com/sonicwall-patches-critical-sonicos-vulnerability/\n\nSonicWall has patched CVE-2024-40766, a critical SonicOS vulnerability that can lead to unauthorized access or a firewall crash.\nThe post SonicWall Patches Critical SonicOS Vulnerability\u00a0 (https://www.securityweek.com/sonicwall-patches-critical-sonicos-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-08-26T17:55:36.000000Z"}, {"uuid": "15c34a17-df61-496f-8412-f8c6a6aebf2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/information_security_channel/52857", "content": "Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks\nhttps://www.securityweek.com/critical-sonicwall-vulnerability-possibly-exploited-in-ransomware-attacks/\n\nA recently patched SonicWall vulnerability tracked as CVE-2024-40766 may have been exploited in ransomware attacks.\nThe post Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks (https://www.securityweek.com/critical-sonicwall-vulnerability-possibly-exploited-in-ransomware-attacks/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-09-09T14:17:21.000000Z"}, {"uuid": "552ab648-68da-49f1-8613-e636de5af81a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/thehackernews/5537", "content": "\ud83d\udd25 A SonicWall #vulnerability (CVE-2024-40766) is under active exploitation.\n\nThis critical flaw allows attackers to bypass access controls and potentially crash firewalls, compromising business operations. Don't wait.\n\nhttps://thehackernews.com/2024/09/sonicwall-urges-users-to-patch-critical.html\n\nPatch now or risk falling victim.", "creation_timestamp": "2024-09-06T17:57:18.000000Z"}, {"uuid": "76cb212d-5949-47a3-a75a-84f919de2ae6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/CyberBulletin/26129", "content": "\u26a1\ufe0fAkira Ransomware Exploit CVE-2024-40766 in SonicWall SonicOS.\n\n#CyberBulletin", "creation_timestamp": "2024-10-22T14:44:31.000000Z"}, {"uuid": "52330453-32f4-4b8e-bd10-5ceb60e60223", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/InfoSecInsider/518", "content": "\u26a1\ufe0fAkira Ransomware Exploit CVE-2024-40766 in SonicWall SonicOS.\n\n#CyberBulletin", "creation_timestamp": "2024-10-22T15:06:35.000000Z"}, {"uuid": "b8a93874-7096-462b-b52a-acb4b4faae55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://t.me/DEVIL_La_RSx/128", "content": "\u200aFog and Akira ransomware attacks exploit SonicWall VPN flaw CVE-2024-40766\n\nhttps://securityaffairs.com/170359/cyber-crime/fog-akira-ransomware-sonicwall-vpn-flaw.html", "creation_timestamp": "2024-10-29T17:25:34.000000Z"}, {"uuid": "8a5bf183-fd6a-46cc-b9b1-f09e076a40c7", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7b2a8f14-0a9b-40da-9df4-8aa1c33ffc0d", "content": "", "creation_timestamp": "2026-06-19T12:46:35.502473Z"}, {"uuid": "d2f0284b-78cf-44d3-975c-32bd41b31ee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/sansisc.bsky.social/post/3mowg64wg5x2r", "content": "CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration. https://isc.sans.edu/diary/33094", "creation_timestamp": "2026-06-23T03:05:33.351980Z"}, {"uuid": "0a024cb1-4cfd-4ba6-bad3-529f74200a2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mowhk7etyd2h", "content": "CVE-2024-40766: The Patch Was Installed The Breach Path Remained Open +\u00a0Video\n\nIntroduction: When Security Updates Create a False Sense of Safety Cybersecurity teams often celebrate after applying a critical patch. Dashboards turn green, vulnerability scanners stop generating alerts, and executives\u2026", "creation_timestamp": "2026-06-23T03:30:12.388004Z"}, {"uuid": "ab04d5a6-0eb9-4e06-bed7-afc046b9fd12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3moxh6uchrv24", "content": "\ud83d\udc1b VULNERABILITIES CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd) \u2014 SANS ISC\nhttps://isc.sans.edu/diary/rss/33094 #Vulnerability #CVE #ZeroDay", "creation_timestamp": "2026-06-23T12:56:30.694022Z"}, {"uuid": "4542f677-34ff-4d7b-9ecb-3a76743dae96", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/35c5274c-5f43-4843-b0ac-f0f89ab6b629", "content": "", "creation_timestamp": "2026-06-23T14:05:57.687704Z"}, {"uuid": "9c678218-62d1-4e90-b283-abed7f0c6881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3moyl4vcuoc27", "content": "CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd)\n#hackernews #news", "creation_timestamp": "2026-06-23T23:39:39.388891Z"}, {"uuid": "7d2386a4-d78f-49dd-ac40-4e5f11920381", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/116804930613951549", "content": "Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel AttacksSource URL: https://www.securityweek.com/eight-year-old-samsung-knox-flaw-exposed-millions-of-galaxy-devices-to-kernel-attacks/Researchers disclosed a high-severity use-after-free (UAF) race condition flaw (CVE-2026-20971, CVSS 7.8) affecting Samsung Galaxy S9 through S25 devices. The bug resides in the interaction between the kernel's process authenticator (PROCA) and its integrity subsystem (FIVE), leaving a tiny preemption window open during child process spawning that attackers can exploit to compromise the kernel.Mythos Discovers 'Squidbleed,' a Memory Leak That's Gone Undetected Since Clinton EraSource URL: https://www.theregister.com/security/2026/06/23/mythos-discovers-squidbleed-a-memory-leak-thats-gone-undetected-since-clinton-era/A 29-year-old vulnerability dubbed \"Squidbleed\" (CVE-2026-47729) was discovered in the popular open-source caching proxy server Squid using Anthropic's Claude Mythos Preview AI. The flaw silently leaks users' plaintext HTTP requests, credentials, and session tokens, posing significant data exposure risks across enterprise networks and older legacy environments. It was resolved in version 7.6.FortiBleed-kyberhy\u00f6kk\u00e4yskampanjan vaikutukset n\u00e4kyv\u00e4t my\u00f6s SuomessaSource URL: https://www.kyberturvallisuuskeskus.fi/fi/uutiset/fortibleed-kyberhyokkayskampanjan-vaikutukset-nakyvat-myos-suomessaThe global FortiBleed cyberattack campaign heavily impacts Fortinet FortiGate firewalls and SSL-VPN appliances using previously leaked or stolen credentials. The Finnish National Cyber Security Centre (Kyberturvallisuuskeskus) has begun mapping targeted organizations across Finland and releasing remediation guidelines to counter ongoing unauthorized access attempts.CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration.Source URL: https://isc.sans.edu/diary/rss/33094Despite a 2024 patch for an improper access control flaw (CVE-2024-40766, CVSS 9.3) impacting SonicWall Gen 5, 6, and 7 firewalls, ransomware operators continue to successfully compromise networks due to unmanaged configurations. The vulnerability targets the management interface and SSLVPN services, allowing threat actors to drop entire networks or gain complete device control.New macOS ClickFix Attack Silently Mounts DMGs to Push InfostealerSource URL: https://www.bleepingcomputer.com/news/security/new-macos-clickfix-attack-silently-mounts-dmgs-to-push-infostealer/A novel macOS ClickFix social engineering campaign tricks users into running malicious Terminal commands via fake CAPTCHA verification prompts. Upon execution, the script uses the native hdiutil utility to silently download, mount, and execute a disk image (DMG) bundle containing the Atomic macOS Stealer (AMOS), harvesting browser credentials, system Keychains, and crypto wallet data.'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer WorkflowsSource URL: https://www.darkreading.com/application-security/cordyceps-malicious-pull-requests-developer-workflowsDubbed \"Cordyceps,\" a newly identified architectural weakness within automated CI/CD pipelines allows malicious pull requests to compromise software supply chains. By exploiting overly permissive access controls in automated pre-merge testing workflows, attackers can execute command injection to hijack highly privileged signing keys and access tokens.The Global Namespace Risk: Universal Bucket Hijacking Technique for Cloud Data ExfiltrationSource URL: https://unit42.paloaltonetworks.com/cloud-bucket-hijacking-risks/Palo Alto Networks Unit 42 uncovered a structural flaw across AWS, Google Cloud, and Microsoft Azure involving global namespace collision. Attackers can silently hijack an organization's active cloud data streams by anticipating, deleting, and immediately recreating targeted storage buckets under their own control, leaving minimal detection signatures during data exfiltration.LastPass Confirms Data Breach in Klue Supply Chain AttackSource URL: https://www.bleepingcomputer.com/news/security/lastpass-confirms-data-breach-in-klue-supply-chain-attack/LastPass suffered a security breach impacting its corporate Salesforce environment after threat actors stole OAuth tokens from Klue, a third-party market intelligence platform. While customer password vaults and internal core infrastructure remain fully isolated and untouched, the attackers successfully extracted internal corporate CRM data, customer names, and support log information.Tata Electronics Confirms Cyberattack After Alleged Apple, Tesla Documents Appear OnlineSource URL: https://therecord.media/tata-electronics-confirms-cyberattackIndian manufacturing giant Tata Electronics confirmed a recent network breach following claims by extortion group \"World Leaks,\" who published stolen documents allegedly detailing proprietary client data from Apple and Tesla. Tata maintains that the incident was isolated, successfully contained, and has caused zero operational downtime.Payouts King Ransomware Initial Access Broker Deploys New Edgecution MalwareSource URL: https://www.zscaler.com/blogs/security-research/payouts-king-ransomware-initial-access-broker-deploys-new-edgecutionZscaler ThreatLabz isolated a stealthy delivery mechanism dubbed \"Edgecution,\" deployed by initial access brokers linked to the Payouts King ransomware family. The attack abuses a malicious Microsoft Edge browser extension that manipulates the Chrome native messaging protocol to bypass browser sandboxing entirely, triggering arbitrary local file system modification and execution.AI Models Capable of Launching Major Cyberattacks Months Away, Five Eyes Alliance WarnsSource URL: https://www.cybersecuritydive.com/news/ai-cyberattacks-five-eyes-frontier-models-warning/An international intelligence coalition comprising the United States, United Kingdom, Canada, Australia, and New Zealand issued a joint advisory warning that advanced frontier AI models are rapidly collapsing offensive cyber timelines. The group cautioned corporate boards and infrastructure operators that AI-driven exploitation capabilities will outpace standard enterprise defenses in a matter of months rather than years, vastly lowering technical barriers for automated network intrusions.14 Million Email Accounts Exposed in Cyberattack on Japanese Telecom Giant KDDISource URL: https://www.nippon.com/en/news/yjj2026062301023/Japanese telecommunications provider KDDI Corp. disclosed a massive data breach targeting its email infrastructure utilized by several domestic internet service providers. The cyberattack, which exploited zero-day vulnerabilities in a third-party software component embedded in the email system, has potentially exposed up to 14.22 million user email addresses and encrypted passwords across major partner networks including JCOM, Biglobe, and Nifty.Active Exploitation of Cisco Unified Communications Manager Flaw Triggers Root-Level RiskSource URL: https://thehackernews.com/2026/06/23/attackers-exploit-cisco-unified-cm-flaw-weeks-after-patch-release/Threat intelligence teams detected active, in-the-wild exploitation of a critical server-side request forgery (SSRF) flaw in Cisco's Unified Communications Manager and Session Management Edition. Tracked as CVE-2026-20230 (CVSS 8.6), the bug allows unauthenticated, remote attackers to send crafted HTTP requests to the WebDialer service, enabling them to write arbitrary files directly to the underlying operating system and escalate privileges to root.", "creation_timestamp": "2026-06-24T11:49:58.327985Z"}, {"uuid": "a9a06f70-b3eb-4339-bf61-f47a6c9f35d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://threatintel.cc/2026/06/24/morning-cyber-summary.html", "content": "Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks\n\nSource URL: https://www.securityweek.com/eight-year-old-samsung-knox-flaw-exposed-millions-of-galaxy-devices-to-kernel-attacks/\nResearchers disclosed a high-severity use-after-free (UAF) race condition flaw (CVE-2026-20971, CVSS 7.8) affecting Samsung Galaxy S9 through S25 devices. The bug resides in the interaction between the kernel’s process authenticator (PROCA) and its integrity subsystem (FIVE), leaving a tiny preemption window open during child process spawning that attackers can exploit to compromise the kernel.\n\nMythos Discovers ‘Squidbleed,’ a Memory Leak That’s Gone Undetected Since Clinton Era\n\nSource URL: https://www.theregister.com/security/2026/06/23/mythos-discovers-squidbleed-a-memory-leak-thats-gone-undetected-since-clinton-era/\nA 29-year-old vulnerability dubbed “Squidbleed” (CVE-2026-47729) was discovered in the popular open-source caching proxy server Squid using Anthropic’s Claude Mythos Preview AI. The flaw silently leaks users' plaintext HTTP requests, credentials, and session tokens, posing significant data exposure risks across enterprise networks and older legacy environments. It was resolved in version 7.6.\n\nFortiBleed-kyberhy\u00f6kk\u00e4yskampanjan vaikutukset n\u00e4kyv\u00e4t my\u00f6s Suomessa\n\nSource URL: https://www.kyberturvallisuuskeskus.fi/fi/uutiset/fortibleed-kyberhyokkayskampanjan-vaikutukset-nakyvat-myos-suomessa\nThe global FortiBleed cyberattack campaign heavily impacts Fortinet FortiGate firewalls and SSL-VPN appliances using previously leaked or stolen credentials. The Finnish National Cyber Security Centre (Kyberturvallisuuskeskus) has begun mapping targeted organizations across Finland and releasing remediation guidelines to counter ongoing unauthorized access attempts.\n\nCVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration.\n\nSource URL: https://isc.sans.edu/diary/rss/33094\nDespite a 2024 patch for an improper access control flaw (CVE-2024-40766, CVSS 9.3) impacting SonicWall Gen 5, 6, and 7 firewalls, ransomware operators continue to successfully compromise networks due to unmanaged configurations. The vulnerability targets the management interface and SSLVPN services, allowing threat actors to drop entire networks or gain complete device control.\n\nNew macOS ClickFix Attack Silently Mounts DMGs to Push Infostealer\n\nSource URL: https://www.bleepingcomputer.com/news/security/new-macos-clickfix-attack-silently-mounts-dmgs-to-push-infostealer/\nA novel macOS ClickFix social engineering campaign tricks users into running malicious Terminal commands via fake CAPTCHA verification prompts. Upon execution, the script uses the native hdiutil utility to silently download, mount, and execute a disk image (DMG) bundle containing the Atomic macOS Stealer (AMOS), harvesting browser credentials, system Keychains, and crypto wallet data.\n\n‘Cordyceps’: Mushrooming Malicious Pull Requests Threaten Developer Workflows\n\nSource URL: https://www.darkreading.com/application-security/cordyceps-malicious-pull-requests-developer-workflows\nDubbed “Cordyceps,” a newly identified architectural weakness within automated CI/CD pipelines allows malicious pull requests to compromise software supply chains. By exploiting overly permissive access controls in automated pre-merge testing workflows, attackers can execute command injection to hijack highly privileged signing keys and access tokens.\n\nThe Global Namespace Risk: Universal Bucket Hijacking Technique for Cloud Data Exfiltration\n\nSource URL: https://unit42.paloaltonetworks.com/cloud-bucket-hijacking-risks/\nPalo Alto Networks Unit 42 uncovered a structural flaw across AWS, Google Cloud, and Microsoft Azure involving global namespace collision. Attackers can silently hijack an organization’s active cloud data streams by anticipating, deleting, and immediately recreating targeted storage buckets under their own control, leaving minimal detection signatures during data exfiltration.\n\nLastPass Confirms Data Breach in Klue Supply Chain Attack\n\nSource URL: https://www.bleepingcomputer.com/news/security/lastpass-confirms-data-breach-in-klue-supply-chain-attack/\nLastPass suffered a security breach impacting its corporate Salesforce environment after threat actors stole OAuth tokens from Klue, a third-party market intelligence platform. While customer password vaults and internal core infrastructure remain fully isolated and untouched, the attackers successfully extracted internal corporate CRM data, customer names, and support log information.\n\nTata Electronics Confirms Cyberattack After Alleged Apple, Tesla Documents Appear Online\n\nSource URL: https://therecord.media/tata-electronics-confirms-cyberattack\nIndian manufacturing giant Tata Electronics confirmed a recent network breach following claims by extortion group “World Leaks,” who published stolen documents allegedly detailing proprietary client data from Apple and Tesla. Tata maintains that the incident was isolated, successfully contained, and has caused zero operational downtime.\n\nPayouts King Ransomware Initial Access Broker Deploys New Edgecution Malware\n\nSource URL: https://www.zscaler.com/blogs/security-research/payouts-king-ransomware-initial-access-broker-deploys-new-edgecution\nZscaler ThreatLabz isolated a stealthy delivery mechanism dubbed “Edgecution,” deployed by initial access brokers linked to the Payouts King ransomware family. The attack abuses a malicious Microsoft Edge browser extension that manipulates the Chrome native messaging protocol to bypass browser sandboxing entirely, triggering arbitrary local file system modification and execution.\n\nAI Models Capable of Launching Major Cyberattacks Months Away, Five Eyes Alliance Warns\n\nSource URL: https://www.cybersecuritydive.com/news/ai-cyberattacks-five-eyes-frontier-models-warning/\nAn international intelligence coalition comprising the United States, United Kingdom, Canada, Australia, and New Zealand issued a joint advisory warning that advanced frontier AI models are rapidly collapsing offensive cyber timelines. The group cautioned corporate boards and infrastructure operators that AI-driven exploitation capabilities will outpace standard enterprise defenses in a matter of months rather than years, vastly lowering technical barriers for automated network intrusions.\n\n14 Million Email Accounts Exposed in Cyberattack on Japanese Telecom Giant KDDI\n\nSource URL: https://www.nippon.com/en/news/yjj2026062301023/\nJapanese telecommunications provider KDDI Corp. disclosed a massive data breach targeting its email infrastructure utilized by several domestic internet service providers. The cyberattack, which exploited zero-day vulnerabilities in a third-party software component embedded in the email system, has potentially exposed up to 14.22 million user email addresses and encrypted passwords across major partner networks including JCOM, Biglobe, and Nifty.\n\nActive Exploitation of Cisco Unified Communications Manager Flaw Triggers Root-Level Risk\n\nSource URL: https://thehackernews.com/2026/06/23/attackers-exploit-cisco-unified-cm-flaw-weeks-after-patch-release/\nThreat intelligence teams detected active, in-the-wild exploitation of a critical server-side request forgery (SSRF) flaw in Cisco’s Unified Communications Manager and Session Management Edition. Tracked as CVE-2026-20230 (CVSS 8.6), the bug allows unauthenticated, remote attackers to send crafted HTTP requests to the WebDialer service, enabling them to write arbitrary files directly to the underlying operating system and escalate privileges to root.", "creation_timestamp": "2026-06-24T09:50:42.000000Z"}, {"uuid": "18a4f668-a745-414a-99e6-148a9f97edc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-40766", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mp2ihflbg52d", "content": "The patch fixed the code. Nobody fixed the configuration.\n\nCVE-2024-40766.\n\nhttps://www.yazoul.net/news/article/cve-2024-40766-the-patch-fixed-the-bug-nobody-fixed-the-configuration-tue-jun-23/\n\n#InfoSec #ThreatIntel", "creation_timestamp": "2026-06-24T17:57:10.407457Z"}, {"uuid": "cc1ce0a8-c0d8-4f7c-8ca1-91d19a266cab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://threatintel.cc/2026/06/24/morning-cyber-summary.html", "content": "Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks\n\nSource URL: https://www.securityweek.com/eight-year-old-samsung-knox-flaw-exposed-millions-of-galaxy-devices-to-kernel-attacks/\nResearchers disclosed a high-severity use-after-free (UAF) race condition flaw (CVE-2026-20971, CVSS 7.8) affecting Samsung Galaxy S9 through S25 devices. The bug resides in the interaction between the kernel’s process authenticator (PROCA) and its integrity subsystem (FIVE), leaving a tiny preemption window open during child process spawning that attackers can exploit to compromise the kernel.\n\nMythos Discovers ‘Squidbleed,’ a Memory Leak That’s Gone Undetected Since Clinton Era\n\nSource URL: https://www.theregister.com/security/2026/06/23/mythos-discovers-squidbleed-a-memory-leak-thats-gone-undetected-since-clinton-era/\nA 29-year-old vulnerability dubbed “Squidbleed” (CVE-2026-47729) was discovered in the popular open-source caching proxy server Squid using Anthropic’s Claude Mythos Preview AI. The flaw silently leaks users' plaintext HTTP requests, credentials, and session tokens, posing significant data exposure risks across enterprise networks and older legacy environments. It was resolved in version 7.6.\n\nFortiBleed-kyberhy\u00f6kk\u00e4yskampanjan vaikutukset n\u00e4kyv\u00e4t my\u00f6s Suomessa\n\nSource URL: https://www.kyberturvallisuuskeskus.fi/fi/uutiset/fortibleed-kyberhyokkayskampanjan-vaikutukset-nakyvat-myos-suomessa\nThe global FortiBleed cyberattack campaign heavily impacts Fortinet FortiGate firewalls and SSL-VPN appliances using previously leaked or stolen credentials. The Finnish National Cyber Security Centre (Kyberturvallisuuskeskus) has begun mapping targeted organizations across Finland and releasing remediation guidelines to counter ongoing unauthorized access attempts.\n\nCVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration.\n\nSource URL: https://isc.sans.edu/diary/rss/33094\nDespite a 2024 patch for an improper access control flaw (CVE-2024-40766, CVSS 9.3) impacting SonicWall Gen 5, 6, and 7 firewalls, ransomware operators continue to successfully compromise networks due to unmanaged configurations. The vulnerability targets the management interface and SSLVPN services, allowing threat actors to drop entire networks or gain complete device control.\n\nNew macOS ClickFix Attack Silently Mounts DMGs to Push Infostealer\n\nSource URL: https://www.bleepingcomputer.com/news/security/new-macos-clickfix-attack-silently-mounts-dmgs-to-push-infostealer/\nA novel macOS ClickFix social engineering campaign tricks users into running malicious Terminal commands via fake CAPTCHA verification prompts. Upon execution, the script uses the native hdiutil utility to silently download, mount, and execute a disk image (DMG) bundle containing the Atomic macOS Stealer (AMOS), harvesting browser credentials, system Keychains, and crypto wallet data.\n\n‘Cordyceps’: Mushrooming Malicious Pull Requests Threaten Developer Workflows\n\nSource URL: https://www.darkreading.com/application-security/cordyceps-malicious-pull-requests-developer-workflows\nDubbed “Cordyceps,” a newly identified architectural weakness within automated CI/CD pipelines allows malicious pull requests to compromise software supply chains. By exploiting overly permissive access controls in automated pre-merge testing workflows, attackers can execute command injection to hijack highly privileged signing keys and access tokens.\n\nThe Global Namespace Risk: Universal Bucket Hijacking Technique for Cloud Data Exfiltration\n\nSource URL: https://unit42.paloaltonetworks.com/cloud-bucket-hijacking-risks/\nPalo Alto Networks Unit 42 uncovered a structural flaw across AWS, Google Cloud, and Microsoft Azure involving global namespace collision. Attackers can silently hijack an organization’s active cloud data streams by anticipating, deleting, and immediately recreating targeted storage buckets under their own control, leaving minimal detection signatures during data exfiltration.\n\nLastPass Confirms Data Breach in Klue Supply Chain Attack\n\nSource URL: https://www.bleepingcomputer.com/news/security/lastpass-confirms-data-breach-in-klue-supply-chain-attack/\nLastPass suffered a security breach impacting its corporate Salesforce environment after threat actors stole OAuth tokens from Klue, a third-party market intelligence platform. While customer password vaults and internal core infrastructure remain fully isolated and untouched, the attackers successfully extracted internal corporate CRM data, customer names, and support log information.\n\nTata Electronics Confirms Cyberattack After Alleged Apple, Tesla Documents Appear Online\n\nSource URL: https://therecord.media/tata-electronics-confirms-cyberattack\nIndian manufacturing giant Tata Electronics confirmed a recent network breach following claims by extortion group “World Leaks,” who published stolen documents allegedly detailing proprietary client data from Apple and Tesla. Tata maintains that the incident was isolated, successfully contained, and has caused zero operational downtime.\n\nPayouts King Ransomware Initial Access Broker Deploys New Edgecution Malware\n\nSource URL: https://www.zscaler.com/blogs/security-research/payouts-king-ransomware-initial-access-broker-deploys-new-edgecution\nZscaler ThreatLabz isolated a stealthy delivery mechanism dubbed “Edgecution,” deployed by initial access brokers linked to the Payouts King ransomware family. The attack abuses a malicious Microsoft Edge browser extension that manipulates the Chrome native messaging protocol to bypass browser sandboxing entirely, triggering arbitrary local file system modification and execution.\n\nAI Models Capable of Launching Major Cyberattacks Months Away, Five Eyes Alliance Warns\n\nSource URL: https://www.cybersecuritydive.com/news/ai-cyberattacks-five-eyes-frontier-models-warning/\nAn international intelligence coalition comprising the United States, United Kingdom, Canada, Australia, and New Zealand issued a joint advisory warning that advanced frontier AI models are rapidly collapsing offensive cyber timelines. The group cautioned corporate boards and infrastructure operators that AI-driven exploitation capabilities will outpace standard enterprise defenses in a matter of months rather than years, vastly lowering technical barriers for automated network intrusions.\n\n14 Million Email Accounts Exposed in Cyberattack on Japanese Telecom Giant KDDI\n\nSource URL: https://www.nippon.com/en/news/yjj2026062301023/\nJapanese telecommunications provider KDDI Corp. disclosed a massive data breach targeting its email infrastructure utilized by several domestic internet service providers. The cyberattack, which exploited zero-day vulnerabilities in a third-party software component embedded in the email system, has potentially exposed up to 14.22 million user email addresses and encrypted passwords across major partner networks including JCOM, Biglobe, and Nifty.\n\nActive Exploitation of Cisco Unified Communications Manager Flaw Triggers Root-Level Risk\n\nSource URL: https://thehackernews.com/2026/06/23/attackers-exploit-cisco-unified-cm-flaw-weeks-after-patch-release/\nThreat intelligence teams detected active, in-the-wild exploitation of a critical server-side request forgery (SSRF) flaw in Cisco’s Unified Communications Manager and Session Management Edition. Tracked as CVE-2026-20230 (CVSS 8.6), the bug allows unauthenticated, remote attackers to send crafted HTTP requests to the WebDialer service, enabling them to write arbitrary files directly to the underlying operating system and escalate privileges to root.", "creation_timestamp": "2026-06-25T01:00:41.143922Z"}, {"uuid": "f901dc31-6a5f-48e6-ae00-da9066ad4b46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40766", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mp3v2ndidc2o", "content": "CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd)\n\nisc.sans.edu/diary/rss/33...\n\n#Cybersecurity #ThreatIntel #Vulnerability", "creation_timestamp": "2026-06-25T07:15:21.609629Z"}, {"uuid": "9ecad608-eadf-486f-97b2-d62c234d125d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-40766", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mp6vhaibjm2q", "content": "\ud83d\udce2 CVE-2024-40766 SonicWall : le patch ne suffit pas, les configurations restent vuln\u00e9rables\n\ud83d\udcdd ## \ud83d\udd0d Contexte\n\nAnalyse publi\u00e9e le 23 juin 2026 par Manuel\u2026\nhttps://cyberveille.ch/posts/2026-06-26-cve-2024-40766-sonicwall-le-patch-ne-suffit-pas-les-configurations-restent-vulnerables/ #Akira #Cyberveille", "creation_timestamp": "2026-06-26T12:00:22.645317Z"}]}