Issue #169 - September 29, 2025
- Weekly INK
- Sep 28, 2025
- 2 min read
Maximum severity GoAnywhere MFT flaw exploited as zero day
Source: BleepingComputer
Attackers are actively exploiting a newly disclosed GoAnywhere MFT flaw that allows remote, unauthenticated command injection. Organizations that move files with GoAnywhere should patch immediately, pull the admin console off the internet, and review logs for suspicious activity - especially if partners exchange sensitive data through the platform.
Volvo Employee SSNs Stolen in Supplier Ransomware Attack
Source: Dark Reading
A ransomware hit on a third-party HR SaaS provider exposed Volvo Group North America employee names and Social Security numbers—another reminder that vendor breaches quickly become your breach. Review what employee data vendors hold, tighten contracts, and test incident playbooks for supply-chain shocks that can ripple to payroll and HR.
SonicWall SSL VPN Attacks Escalate, Bypassing MFA
Source: Infosecurity Magazine
Akira ransomware actors are breaking into SonicWall SSL VPN appliances by abusing a legacy flaw and harvested credentials—sometimes even when time-based MFA is enabled. SMBs should patch affected versions, rotate VPN credentials, restrict remote access, and monitor for unusual logins followed by rapid encryption activity.
Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware
Source: The Hacker News
State-aligned actors exploited Cisco firewall zero-days to implant persistent malware that survives reboots and can bypass VPN AAA. Older ASA models near end-of-support are most at risk. Patch immediately, inventory exposed devices, and plan hardware refreshes where Secure Boot and modern protections are unavailable.
Hour-Long Email Phishing Breach Affects PHI of 150,000
Source: Data Breach Today
A Florida-based technology firm that provides medication therapy management and other services to health plans is notifying nearly 150,000 people that their information was potentially compromised in a phishing attack affecting just one employee's email account for only about an hour.