SonicWall Gen 7 firewalls have been targeted in over 20 ransomware attacks exploiting SSL VPN vulnerabilities. The activity was initially suspected to be a zero-day but was later attributed to a known bug (CVE-2024-40766) and weak password practices, particularly migrations from Gen 6 to Gen 7 without resets. The Akira ransomware group has been linked to these breaches, which have compromised domain controllers within hours. SonicWall has advised customers to disable SSL VPNs as a precaution. Separately, Google released its August security patch addressing two Qualcomm vulnerabilities actively exploited in the wild, including one allowing phone hijacking via the graphics chip without user interaction. Trend Micro confirmed active exploitation of critical zero-day flaws (CVE-2025-54948 and CVE-2025-54987) in its Apex One on-premise systems, with remote code execution possible. Additionally, critical zero-day bugs have been discovered in CyberArk and HashiCorp password vaults, and over 100 Dell PC models were found vulnerable to ControlVault3 firmware bugs, prompting urgent updates. Security experts warn that some of these exploits may be linked to nation-state threat actors.
🚨 Attackers are hitting SonicWall firewalls again—but it’s not a new zero-day. Turns out, they’re exploiting a known bug (CVE-2024-40766) and weak password hygiene. Migrating from Gen 6 to Gen 7 without resets? That’s leaving doors wide open. Full details + what to fix → https://t.co/w5rrXxjbPs
5 very dangerous security flaws have been discovered on a list of more than 100 Dell-brand PCs. If your PC is on this list, you need to update as soon as possible. https://t.co/rXfH5LnbmL
SonicWall: Attacks Linked to Legacy Bug and Password Use https://t.co/plNzhFmJCK