SonicWall has blamed “state-sponsored threat actors” for the cloud backup security breach which hit its services in September 2025.
In an update posted on the company’s website, SonicWall said it completed the investigation into the incident, and confirmed that the malicious activity was “carried out by a state-sponsored threat actor” and was “isolated to the unauthorized access of cloud backup files from a specific cloud environment using an API call.”
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs
June 25, 2026
A new self-destructing backdoor called Mistic used in intrusions since April appears to be linked to a criminal gang that compromises corporate networks and then sells that access to ransomware groups, according to security researchers. This backdoor, also tracked as MLTBackdoor, was first documented by Zscaler earlier this month, with the security shop suggesting the novel malware is ...
- Almost half of ransomware victims have data stolen before they can even detect an intrusion
June 25, 2026
Criminals are getting better at hiding within their victims’ infrastructure, lurking and stealing files without triggering any alarms whatsoever. Earlier today, network detection and response experts ExtraHop released the “Global Threat Landscape Report”, based on a survey of more than 1,800 IT and security leaders worldwide. In it, it is said that roughly half (49%) of ...
- US healthcare AI platform Xsolis confirms data breach that affects 1.4 million individuals
June 23, 2026
Healthcare technology company Xsolis disclosed a cyberattack in which it lost sensitive data on almost 1.4 million customers. Xsolis is a company that uses AI to help healthcare organizations make faster and more consistent decisions about patient care and utilization management. Earlier this week, it published a data breach notification on its website, saying that it ...
- A VBScript campaign distributed through WhatsApp deploying RMM software
June 22, 2026
In June 2026, Kaspersky observed a malware campaign distributing malicious VBScript files through direct messages in WhatsApp. The campaign affected users across multiple countries and territories, including Malaysia, Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia and Vietnam, with the highest number of victims observed in Malaysia. At the time of writing this article, ...
- AI models capable of devastating attacks on governments and business months away
June 22, 2026
Powerful AI models capable of devastating new cyber attacks on governments and businesses are mere months away, intelligence agencies for the Five Eyes have warned in a rare joint statement, urging leaders to “act now”. The surprising public intervention by signals agencies for Australia, the US, the UK, New Zealand and Canada comes after the Trump administration ...
- Brazil probes emergency warning system after nationwide rogue alert
June 22, 2026
The Brazilian National Secretariat for Civil Protection and Defense (SEDEC) and Federal Police (PF) are investigating a suspected hack of the country’s emergency alert system after an unauthorized “extreme” alert pinged devices across the country. Defesa Civil Nacional confirmed that its dispatch platform, often used to inform the public about severe weather events, was taken offline in ...