Web Scanning SonicWall for CVE-2021-20016 - Update
Scans for SonicWall increased by an order of magnitude over the last couple of weeks. Many of the attacks appear to originate from Global Host , a low-cost virtual hosting provider.
https://isc.sans.edu/diary/Web%20Scanning%20SonicWall%20for%20CVE-2021-20016%20-%20Update/31952)
Google Update Patches Exploited Chrome Flaw
Google released an update for Chrome. The update fixes two specific flaws reported by external researchers, CVE-2025-4664 and CVE-2025-4609. The first flaw is already being exploited in the wild.
https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html)
https://x.com/slonser_/status/1919439373986107814)
RVTools Bumblebee Malware Attack
Zerodaylabs published its analysis of the RV-Tools Backdoor attack. It suggests that this may not be solely a search engine optimization campaign directing victims to the malicious installer, but that the RVTools distribution site was compromised.
https://zerodaylabs.net/rvtools-bumblebee-malware/)
Operation RoundPress
ESET Security wrote up a report summarizing recent XSS attacks against open-source webmail systems
https://www.welivesecurity.com/en/eset-research/operation-roundpress/)
