Hackers Exploit ArrayOS AG VPN Flaw to Plant Webshells

What happened

Attackers are exploiting a command injection flaw in Array Networks’ ArrayOS AG VPN to install webshells on vulnerable devices.

Who is affected

Organizations that use ArrayOS AG VPN appliances and have not applied the most recent security update.

Why CISOs should care

The flaw is under active exploitation. Once attackers plant a webshell, they gain persistent remote access to the device. This access can be used for lateral movement, data theft, or staging further attacks. Since VPN appliances sit at the network edge, a breach can weaken core security controls.

3 practical actions

  1. Patch all ArrayOS AG VPN appliances to the latest version.

  2. Review logs and file systems for webshells or unusual activity.

  3. Isolate VPN appliances from sensitive systems and enforce strict access policies.