CVE-2025-26399: Critical Unauthenticated RCE in SolarWinds Web Help Desk Through Second Bypass

On September 23, 2025, SolarWinds released a hotfix for a critical vulnerability impacting Web Help Desk (WHD), tracked as CVE-2025-26399. The vulnerability arises from a deserialization flaw in the AjaxProxy component that could allow a remote unauthenticated threat actor to achieve remote code execution. CVE-2025-26399 is the second bypass of a flaw originally disclosed last

Alabama Crimson Tide Selects Arctic Wolf as Official Cybersecurity Partner

Strengthening the University of Alabama Athletics’ digital defense with world-class Security Operations powered by the Aurora Platform

EDEN PRAIRIE, Minn. – September 23, 2025 — Arctic Wolf®, a global leader in security operations, today announced a partnership to become the Proud Cybersecurity Partner of the University of Alabama Crimson Tide Athletics Program. This partnership will

Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN

Update 22 Sept. 2025: The indicators of compromise (IoCs) table has been updated to include new ASNs and IP addresses identified across dozens of cases related to this threat campaign. Update 7 Aug. 2025: As of 6 August 2025, SonicWall has issued an updated product notice suggesting that the activity in this campaign may be

Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN

Update 9/22/25: The indicators of compromise (IoCs) table has been updated to include new ASNs and IP addresses identified across dozens of cases related to this threat campaign. Update 8/7/25: As of August 6, 2025, SonicWall has issued an updated product notice suggesting that the activity in this campaign may be tied to CVE-2024-40766, a

CVE-2025-10035: Maximum-Severity Command Injection Vulnerability in Fortra GoAnywhere MFT

On 18 September 2025, Fortra released a patch addressing a critical vulnerability in GoAnywhere Managed File Transfer (MFT), tracked as CVE-2025-10035. The vulnerability stems from a deserialisation flaw in the License Servlet of GoAnywhere MFT, allowing a remote threat actor with a valid forged license response signature to deserialise an arbitrary, threat-actor-controlled object and potentially

CVE-2025-10035: Maximum-Severity Command Injection Vulnerability in Fortra GoAnywhere MFT

On September 18, 2025, Fortra released a patch addressing a critical vulnerability in GoAnywhere Managed File Transfer (MFT), tracked as CVE-2025-10035. The vulnerability stems from a deserialization flaw in the License Servlet of GoAnywhere MFT, allowing a remote threat actor with a valid forged license response signature to deserialize an arbitrary, threat-actor-controlled object and potentially

SonicWall Warns Customers of Data Exposure Incident Affecting MySonicWall Configuration Backup Files

On September 17, 2025, SonicWall released a knowledge base article detailing the exposure of firewall configuration backup files stored in certain MySonicWall accounts. SonicWall states that after identifying the incident they began an investigation containing the incident, terminating the ‘unauthorized access point’, and working with law enforcement and select cybersecurity agencies globally. Considering that sensitive

CVE-2025-9242: Critical Unauthenticated Out-of-Bounds Write Vulnerability in WatchGuard Firebox

Arctic Wolf Security Bulletin

On 17 September 2025, WatchGuard released fixes for a critical out-of-bounds write vulnerability (CVE-2025-9242) in the iked process of WatchGuard Fireware OS, which powers their Firebox firewall appliances. This flaw allows a remote unauthenticated threat actor to execute arbitrary code and affects both the mobile user VPN with IKEv2 and the branch office VPN with IKEv2

CVE-2025-9242: Critical Unauthenticated Out-of-Bounds Write Vulnerability in WatchGuard Firebox

On September 17, 2025, WatchGuard released fixes for a critical out-of-bounds write vulnerability (CVE-2025-9242) in the iked process of WatchGuard Fireware OS, which powers their Firebox firewall appliances. This flaw allows a remote unauthenticated threat actor to execute arbitrary code and affects both the mobile user VPN with IKEv2 and the branch office VPN with IKEv2

SonicWall Warns Customers of Data Exposure Incident Affecting MySonicWall Configuration Backup Files

On 17 September 2025, SonicWall released a knowledge base article detailing the exposure of firewall configuration backup files stored in certain MySonicWall accounts. SonicWall states that after identifying the incident they began an investigation containing the incident, terminating the ‘unauthorised access point’, and working with law enforcement and select cybersecurity agencies globally. Considering that sensitive

How To Build Cyber Resilience

Cyber threats are frequent, unpredictable, and indiscriminate—affecting organisations of every size and industry. For any organisation, a cyber incident is a matter of “when,” not “if.” As such, businesses must be able to prepare for, respond to, and recover from incidents, and must continually refine these capabilities to stay ahead. This is where developing and

How To Build Cyber Resilience

Cyber threats are frequent, unpredictable, and indiscriminate—affecting organizations of every size and industry. For any organization, a cyber incident is a matter of “when,” not “if”. As such, businesses must be able to prepare for, respond to, and recover from incidents, and must continually refine these capabilities to stay ahead. This is where developing and

Shift Left With High-Potency Threat Intelligence for Prevention

In today’s ever-evolving threat landscape, security teams are under pressure to detect and respond to threats faster than ever. With the overwhelming volume and manual effort required to operationalize security, many organizations struggle to stay ahead. Arctic Wolf Threat Intelligence is here to help change that, by providing high-fidelity, actionable insights that empower teams to

Arctic Wolf Enhances Threat Intelligence Plus to Strengthen Proactive Defense

New capabilities harness the Aurora Platform’s massive data diversity and Arctic Wolf’s AI-powered SOC intelligence to help organizations stay ahead of adversaries

EDEN PRAIRIE, MN – September 17, 2025 – Arctic Wolf®, a global leader in security operations, today announced enhancements to Arctic Wolf Threat Intelligence Plus, introducing a new capability that allows organizations to

Wormable Malware Causing Supply Chain Compromise of npm Code Packages

Arctic Wolf Security Bulletin

On 15 September 2025, reports surfaced that the widely used npm package @ctrl/tinycolor had been compromised by malware as part of a broader supply chain attack affecting over 40 packages initially, with the number rising to more than 180 according to Aikido’s blog. Upon further investigation, the first malicious package that was identified as compromised in

Wormable Malware Causing Supply Chain Compromise of npm Code Packages

Arctic Wolf Security Bulletin

On September 15, 2025, reports surfaced that the widely used npm package @ctrl/tinycolor had been compromised by malware as part of a broader supply chain attack affecting over 40 packages initially, with the number rising to more than 180 according to Aikido’s blog. Upon further investigation, the first malicious package that was identified as compromised in

DDoS Attack

Cybersecurity Glossary

What is a DDoS Attack? A distributed denial-of-service (DDoS) attack consists of multiple compromised devices or systems (often qualifying as botnets) attacking a target on a given network, such as a server or website, causing a denial-of-service error. This attack results in users being unable to access a network or website, while leaving IT and

2025 Security Operations Report

The second annual Security Operations Report demonstrates how Arctic Wolf’s world-class SOC closes the effectiveness gap with 24×7 monitoring, context-rich triage that reduces alert fatigue, and rapid human-led response to contain threats faster.

Initial Access Brokers

Cybersecurity Glossary

What Are Initial Access Brokers? Initial access brokers (IABs) are threat actors that sell cybercriminals access to organizations’ networks. Once they have access to an organization, they offer their service in underground online forums, such as the kind found on the dark web. Their primary customers are ransomware groups and related associates who purchase access

Arctic Wolf 2025 Security Operations Report Reveals Threat Landscape Acceleration, Majority of Security Alerts Now Occur Outside Working Hours

Report Highlights Threat Trends from 10,000 Organizations Protected by the Aurora Platform and AI-Powered SOC

EDEN PRAIRIE, Minn. – September 16, 2025 — Arctic Wolf®, a global leader in security operations, today published its 2025 Security Operations Report, analyzing more than 330 trillion security observations collected by the Arctic Wolf Aurora™ Platform and investigated through

Keylogger

Cybersecurity Glossary

What Is a Keylogger? A keylogger is a program that monitors user keystrokes on a device. This can be used for both illegal and legitimate reasons but is often used as a kind of spyware or malware to steal credentials or other information from users. Threat actors will then use the information gathered from keyloggers

Penetration Testing (Pen Tests)

Cybersecurity Glossary

What Is Penetration Testing? Penetration testing, also known as pen test, is an authorized and simulated cyber attack performed on an IT system (or systems) to evaluate existing security controls. In a pen test, an organization’s IT team allows an expert group of ethical attackers to try and compromise the organization’s security. This authorization can

Arctic Wolf Threat Intelligence

Arctic Wolf Threat Intelligence delivers curated reports, real-time threat campaign notifications, and actionable insights powered by nine trillion weekly security observations across 10,000+ customers — helping organisations stay ahead of evolving cyber risks.

Arctic Wolf Named to the Fortune Future 50™ List for Second Consecutive Year

Cybersecurity leader’s innovation and growth powered by demand for the Arctic Wolf Aurora™ Platform

EDEN PRAIRIE, MN – September 15, 2025 – Arctic Wolf®, a global leader in security operations, today announced it has been named to the 2025 Fortune Future 50™, a comprehensive list of global companies with elite long-term growth prospects. This marks

Arctic Wolf® & CyberArk

Discover how Arctic Wolf and CyberArk integrate to enhance security operations. Learn about their combined solution for privileged access management, threat detection, and incident response, providing comprehensive protection against cyber threats.