"Hackers Mount Zero-Day Attacks on Sophos Firewalls"

Adversaries are targeting the Sophos XG firewall (both virtual and physical versions) using a zero-day exploit.  The ultimate goal of the adversaries is to drop the Asnarok malware on vulnerable appliances.  The bug in question is a pre-authentication SQL injection vulnerability that leads to remote code execution.  It affects systems configured with either the administration interface or the user portal exposed to the WAN zone.  

Threatpost reports: "Hackers Mount Zero-Day Attacks on Sophos Firewalls"