Thoughts, stories and ideas.

Akira Ransomware Operators Exploit SonicWall SSL VPN Flaw and Misconfigurations

Threat actors linked to the Akira ransomware group are actively exploiting SonicWall devices to gain initial access, with a sharp rise in intrusions observed since late July 2025. Cybersecurity firm Rapid7 reported a noticeable spike in incidents involving SonicWall appliances during this period, coinciding with renewed Akira activity. SonicWall confirmed

AsyncRAT Leveraged via ConnectWise ScreenConnect to Harvest Credentials and Cryptocurrency

Cybersecurity researchers have uncovered a new campaign abusing ConnectWise ScreenConnect, a legitimate Remote Monitoring and Management (RMM) tool, to deploy a fileless loader that installs the AsyncRAT remote access trojan (RAT) and steals sensitive data from compromised systems. According to a report from LevelBlue shared with The Hacker News, attackers