As an Amazon Associate, we earn from qualifying purchases. TweakTown may also earn commissions from other affiliate partners at no extra cost to you.
An unidentified threat actor is conducting brute-force attacks targeting over 2.8 million VPN and network devices worldwide. Threat monitoring platform The Shadowserver Foundation posted the reports to X, highlighting a wave of intrusion attempts against networks using devices from Palo Alto, Ivanti, and SonicWall.
There's a specific concentration of attacks in Brazil, Turkey, Russia, and Argentina, with 1.1 million of the 2.8 million affected devices located in Brazil. The foundation also reports that the brute-force attacks are primarily targeting vulnerable edge (network) devices - particularly compromised routers from manufacturers such as MikroTik, Huawei, Cisco, Boa, and ZTE. Threat actors are leveraging a botnet or residential proxy network to disguise malicious traffic, making detection and mitigation more difficult.
The companies above often provide enterprise-level VPNs used for remote work and secure corporate access, making them targets for network infiltration. As reported by Techradar, the attack fits the profile of a conventional brute-force attack, during which threat actors submit large numbers of username and password combinations until breaking through. In that regard, devices with week or reused credentials are particularly vulnerable.
The attack primarily affects businesses and corporate networks - particularly those that rely on VPNs for remote access. Government agencies, financial institutions, and enterprises experience the highest risk factor, but small businesses with outdated network security may also be affected.
Organizations using affected devices should apply firmware updates and security patches immediately, strengthen password policies, and review network access controls to mitigate potential threats.
Battlefield 6 footage immediately surfaces online in widespread leaks
Three million smart toothbrushes infected by malware were used in a massive DDoS attack
Microsoft's free built-in VPN is going live in Edge browser
Nintendo fires lawsuits against people involved in Nintendo piracy networks
VPN demand skyrockets in Venezuela after government blocks access to X
Duke Nukem is coming back, but not as a game
ASRock unveils Radeon RX AI PRO R9700 Creator: workstation GPU with 32GB VRAM, 12V-2x6 power
Twitch CEO reveals two-thirds revenue driven by viewers
Splitgate 2 CEO suspends salary as studio 1047 Games lays off developers
Nexus Mods' new owner: 'mods will always be free'
be quiet! Pure Base 501 DX Mid-Tower Chassis Review
ASUS PRIME Radeon RX 9060 XT 16GB OC Edition Review - Mainstream RDNA 4 is a Winner
Corsair EX400U 2TB Portable SSD Review - World's Fastest Native USB Storage
ASUS Zenbook A14 (Qualcomm Snapdragon X Elite) Laptop Review
ASRock Radeon RX 9060 XT 16GB Steel Legend OC Review - AMD Brings the Fight to GeForce RTX
INNO3D GeForce RTX 5060 8GB TWIN X2 OC Review - Impressive but Flawed Generational Performance
ADATA XPG Mars 980 Blade 2TB SSD Review - 14,000 MB/s on the Cheap
HighPoint Rocket 7604A Gen5 x16 NVMe RAID AIC Review - Half the Size, All the Speed
Geometric Future Model 5 Vent Mid-Tower Chassis Review
OBSBOT Tail 2 Review - The New YouTuber, Streamer, Podcasting AI Camera
Phison E28 SSD Controller Preview - The Empire Strikes Back
Mission: Impossible - The Final Reckoning Cinema Review
TweakTown's Best of Computex 2025 Awards - Tech, Hardware, Gaming Gear, and AI
TweakTown's 2025 CPU Cooler Testing and Methodology Update
How you can become your own Netflix with UGREEN and Seagate