Bleeping Computer

Sophos discloses critical Firewall remote code execution flaw

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH ...
Ars Technica

Sophos Firewall 0day allowing remote code-execution comes under attack

And just last week they were spamming me with a lightweight "whitepaper" about how I totally needed Sophos XG to sniff out next generation malware in all that sinister SSL... More competent work there ...
Bleeping Computer

Sophos fixes SQL injection vulnerability in their Cyberoam OS

Sophos has deployed a hotfix for their line of Cyberoam firewalls and routers to fix a SQL injection vulnerability. Sophos purchased firewall and router maker Cyberoam Technologies in 2014 and has ...