Cybersecurity tools such as routers, firewalls and VPNs exist to protect corporate networks from intruders and malicious hackers, which is particularly important in today’s era of widespread remote and hybrid work.
But while these tools help organizations stay safe from external threats, many of these products have time and again been found to contain software bugs that allow malicious hackers to compromise the very networks they are designed to protect.
These bugs have been blamed for an explosion in mass-hacking campaigns in recent years, in which malicious hackers abuse these often easy-to-exploit security flaws to break into the networks of thousands of organizations and steal sensitive company data.
We have put together a brief history of mass-hacks and will update this article as more inevitably come to light.
One of the first mass-hacks of this decade saw a notorious ransomware crew exploit a vulnerability in Fortra’s file-transfer software, a product used by companies to share large files and sensitive data sets over the internet. The prolific ransomware gang exploited the bug to compromise more than 130 organizations and steal the personal data of millions of people. The vulnerability was exploited as a zero-day, which means that Fortra had no time to fix it before the attacks began. Clop later published data stolen from victim organizations that did not pay the hackers. Hitachi Energy, security giant Rubrik and Florida technology organization NationBenefits, which saw the data of over three million members stolen in the attack, were among those that reported intrusions stemming from the buggy software.
May 2023: MOVEit flaws allowed theft of 60 million people’s data
The MOVEit mass-hack remains one of the largest mass breaches of all time, with hackers abusing a flaw in another widely used file-transfer software, developed by Progress Software, to steal data from several thousand organizations. The attacks were again claimed by the Clop ransomware group, which took advantage of the MOVEit vulnerability to steal data on more than 60 million people, according to cybersecurity company Erythrocos. US government services contracting giant Maximus was the biggest victim of the MOVEit breaches after confirming that hackers accessed the protected health information of 11 million people.
October 2023: Cisco zero-day exposed thousands of routers to takeover
Mass-hacks continued in the second half of 2023, with hackers exploiting an unpatched zero-day vulnerability in Cisco’s networking software throughout October to compromise tens of thousands of devices that rely on the software, such as enterprise switches, wireless controllers, access points and industrial routers. The bug gave attackers “complete control of the compromised device”. While Cisco did not confirm how many customers had been affected by the flaw, Censys, a search engine for internet-connected devices and assets, says it had observed almost 42,000 compromised devices on the internet.
November 2023: Ransomware gang exploits Citrix bug
Citrix NetScaler, which large businesses and governments use to deliver applications and VPN connectivity, became the latest mass-hack target just a month later, in November 2023. The bug, known as “CitrixBleed,” allowed sensitive information to be extracted from affected NetScaler systems at big-name companies. Aerospace giant Boeing, law firm Allen & Overy and the Industrial and Commercial Bank of China were claimed as victims.
January 2024: Chinese hackers exploited Ivanti VPN bugs to breach companies
Ivanti became a name synonymous with mass-hacks as Chinese state-backed hackers began mass-exploiting two critical zero-day vulnerabilities in the Ivanti Secure VPN appliance. While Ivanti said at the time that only a limited number of customers had been affected, cybersecurity company Volexity found that more than 1,700 Ivanti appliances had been exploited worldwide, affecting organizations in aerospace, banking, defense and telecommunications. US government agencies with affected Ivanti systems were ordered to immediately take the systems out of service. Exploitation of these vulnerabilities has since been linked to the China-backed espionage group known as Salt Typhoon, which was more recently found to have breached at least nine US telecommunications companies.
In February 2024, hackers targeted two “easy-to-exploit” vulnerabilities in ConnectWise ScreenConnect, a popular remote access tool that allows IT and support technicians to provide remote technical assistance directly on customer systems. A cybersecurity giant said at the time that its researchers had observed “mass exploitation” of the two flaws, which were being abused by various threat actors to deploy password stealers, backdoors and, in some cases, ransomware.
Hackers hit Ivanti’s customers (again) with fresh bugs
Ivanti made headlines again, also in February 2024, when attackers took advantage of another vulnerability in its widely used enterprise VPN appliance to hack its customers. The Shadowserver Foundation, a non-profit organization that scans and monitors the internet for exploitation, told TechCrunch that it had observed more than 630 unique IP addresses trying to exploit the server flaw, which allows attackers to access devices and systems ostensibly protected by the vulnerable Ivanti appliances.
November 2024: Palo Alto firewall bugs put thousands of businesses at risk
Later in 2024, hackers compromised potentially thousands of organizations by exploiting two zero-day vulnerabilities in software made by cybersecurity giant Palo Alto Networks and used by customers around the world. The vulnerabilities in PAN-OS, the operating system that runs on all of Palo Alto’s next-generation firewalls, allowed attackers to compromise and exfiltrate sensitive data from corporate networks. According to researchers at security company watchTowr Labs, who reverse-engineered Palo Alto’s patches, the flaws resulted from basic mistakes in the development process.
December 2024: Clop compromises Cleo customers
In December 2024, the Clop ransomware gang targeted yet another popular file-transfer technology to launch a new wave of mass-hacks. This time, the gang exploited flaws in tools made by Cleo Software, an Illinois-based maker of enterprise software, to target dozens of the company’s customers. In early January 2025, Clop listed nearly 60 Cleo companies that it had allegedly compromised, including the US and German construction giant Covestro. By the end of January, Clop had added another 50 alleged Cleo mass-hack victims on the dark web.


January 2025: New year, new Ivanti bugs under attack
The new year began with Ivanti falling victim to hackers, again. The American software giant warned customers in early January 2025 that hackers were exploiting a new zero-day vulnerability in its VPN appliance to breach the networks of its corporate customers. Ivanti said that a “limited number” of customers were affected, but declined to say how many. The Shadowserver Foundation says that its data show hundreds of affected customer systems.
Fortinet firewall bugs exploited since December
A few days after Ivanti’s latest bug was revealed, Fortinet confirmed that hackers had exploited a vulnerability in its firewalls to break into the networks of its corporate and enterprise customers. The flaw, which affects the cybersecurity company’s FortiGate firewalls, had been “exploited” as a zero-day bug since at least December 2024, according to research firms. Fortinet declined to say how many customers were affected, but the security companies that investigated the attacks observed intrusions affecting “dozens” of devices.
SonicWall says hackers are remotely hacking customers
January 2025 remained a busy month for hackers exploiting bugs in enterprise security software. SonicWall said in late January that as-yet-unidentified hackers were exploiting a newly discovered vulnerability in one of its enterprise products to break into its customers’ networks. The vulnerability, which affects the SonicWall remote access appliance, was discovered by Microsoft researchers and “is confirmed as being actively exploited in the wild,” according to SonicWall. The company has not said how many of its customers have been affected, or whether it has the technical ability to confirm this, but with more than 2,300 devices exposed online, this bug has the potential to be the latest mass-hack of 2025.
