From 2-spyware.com
![Flaw exploited before the patch](https://www.2-spyware.com/news/wp-content/uploads/news/firewall-flaw-exploited-before-the-patch_en-400x225.jpg)
Hackers used the zero-day exploit for the critical-severity flaw in Sophos Firewall. Criminals used the flaw to compromise a South Asian company and breached cloud-hosted web servers.[1] The issue has been fixed after that, but threat actors managed to exploit the security vulnerability to bypass authentication and run arbitrary code remotely to attack various organizations.[2]