A critical code injection security vulnerability in Sophos Firewall product is being exploited in the wild. Sophos has observed this vulnerability being used to target a small set of specific organizations, primarily in the South Asia region. The company says it has released hotfixes for versions affected by this security bug (v19.0 MR1 (19.1 MR1) and older) that will roll out automatically to all instances since automatic updates are enabled by default. The flaw was found in the User Portal and Webadmin of Sophos.Read Long Article
