SonicWall VPN Attacks, LockBit Tactics & Apple Bounties – 10/11/2025

Today’s critical threat landscape is dominated by a widespread compromise of SonicWall SSL VPNs, where attackers are leveraging valid credentials for broad access. We are also tracking the evolution of ransomware tactics, as LockBit operators are now weaponizing the legitimate DFIR tool Velociraptor in their attacks. Additional intelligence covers Apple’s significant increase in bug bounty rewards and emerging developments in AI governance and research. Stay informed on these key issues.

Top 2 Critical Security Alerts

• Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts: Huntress warns of a widespread compromise affecting SonicWall SSL VPN devices, where attackers are using valid credentials for rapid, large-scale access to customer environments. Read more
• Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks — Threat actors associated with the LockBit ransomware are abusing the open-source digital forensics and incident response (DFIR) tool Velociraptor to facilitate their attacks. Read more

Security Tools & Best Practices

• Apple ups the reward for finding major exploits to $2 million — To incentivize security research, Apple has increased its maximum bug bounty reward to $2 million for major exploits, with potential bonuses pushing the total payout to $5 million. Read more

Emerging Security Technologies

• Google Deepmind’s “Vibe Checker” aims to rate AI code by human standards — A new study from Google DeepMind proposes a new benchmark to evaluate AI-generated code based on human developer preferences rather than just functional correctness. Read more
• OpenAI accused of pressuring AI regulation advocates with subpoenas — Reports indicate OpenAI has served subpoenas to civil society groups and individuals advocating for stricter AI regulations, raising concerns about corporate influence on policy. Read more
• A new information-theory framework reveals when multi-agent AI systems truly work as a team — Researchers have developed a new framework to measure genuine teamwork in multi-agent AI systems, helping to distinguish collaborative intelligence from simple parallel task execution. Read more