Search

Hackers Exploit ArrayOS AG VPN Flaw to Plant Webshells

Cyber threats and incidents
By Monique Angeli Mendoza
Hackers Exploit ArrayOS AG VPN Flaw to Plant Webshells

Related

Cyber threats and incidents

Baker University Data Breach Exposes Sensitive Data of Over 53,000 Individuals

What happened Baker University, a private institution in Baldwin City,...
Read more
AI and security

Italy Fines Apple €98.6M Over App Tracking Transparency: A New Regulatory Flashpoint for Privacy and Competition

What happened Italy’s Competition Authority (AGCM) has fined Apple €98.6 million...
Read more
Cyber threats and incidents

DDoS Cyberattack Disrupts France’s La Poste and La Banque Postale During Peak Holiday Season

What happened France’s national postal service, La Poste, and its...
Read more
Cyber threats and incidents

DOJ Takes Down Fraud Domain Behind $14.6M Bank Account Takeover Scheme

What happened The U.S. Department of Justice (DOJ) has seized...
Read more
Founders, Analysts & Industry Voices

CISOs to Watch in Copenhagen, Denmark

Cybersecurity is no longer just a technical concern; it’s...
Read more

Share

What happened

Attackers are exploiting a command injection flaw in Array Networks’ ArrayOS AG VPN to install webshells on vulnerable devices.

Who is affected

Organizations that use ArrayOS AG VPN appliances and have not applied the most recent security update.

Why CISOs should care

The flaw is under active exploitation. Once attackers plant a webshell, they gain persistent remote access to the device. This access can be used for lateral movement, data theft, or staging further attacks. Since VPN appliances sit at the network edge, a breach can weaken core security controls.

3 practical actions

  1. Patch all ArrayOS AG VPN appliances to the latest version.

  2. Review logs and file systems for webshells or unusual activity.

  3. Isolate VPN appliances from sensitive systems and enforce strict access policies.

Previous article
Cloudflare Outage Knocks Sites Offline With 500 Errors
Next article
Predator Spyware Uses New Tricks to Bypass Device Security
Cyber threats and incidents

Baker University Data Breach Exposes Sensitive Data of Over 53,000 Individuals

What happened Baker University, a private institution in Baldwin City,...
AI and security

Italy Fines Apple €98.6M Over App Tracking Transparency: A New Regulatory Flashpoint for Privacy and Competition

What happened Italy’s Competition Authority (AGCM) has fined Apple €98.6 million...

Subscribe to our stories

To be updated with all the latest news, offers and special announcements.