SonicWall has disclosed a critical vulnerability (CVE-2024-40764) in its SonicOS IPSec VPN, potentially allowing remote attackers to create a Denial of Service condition. The flaw, found in various versions of SonicWall’s Gen6 and Gen7 platforms, has a severity level of 7.5. SonicWall has released a workaround and is developing a patch to fix the issue.
NPM Worm Hits Namastex Packages, Steals Secrets Across Registries
A newly uncovered npm malware campaign is targeting packages linked to Namastex Labs, abusing developer trust to steal sensitive secrets and silently spread across both
