Yesterday, SonicWall issued an urgent security notice regarding a critical risk to Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware. Specifically, stolen credentials targeting the products are being used in a ransomware campaign. While SonicWall and several sources have headlined this as an “imminent” threat, multiple credible sources have stated this activity is actually on-going, citing prior research by Crowdstrike. Members running any of the affected products are urged to address immediately to reduce the risk of exploitation. For more information, visit The Record.