There was an article originally released in January 2022 highlighting an exploitable “potential zero-day weaknesses” [1] for Sonicwall. However, upon reviewing the submissions made over the last year to ISC, we noted that this past week marked the initial influx of reports. The activity transpired on 23 April 2025, between 18:00 – 19:00 UTC, and since that time, according to the reports provided to DShield (refer to the graphs below), similar activities have been occurring nearly every day: