From 2-spyware.com
Hackers used the zero-day exploit for the critical-severity flaw in Sophos Firewall. Criminals used the flaw to compromise a South Asian company and breached cloud-hosted web servers.[1] The issue has been fixed after that, but threat actors managed to exploit the security vulnerability to bypass authentication and run arbitrary code remotely to attack various organizations.[2]