Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

SoundCloud VPN access disruption after configuration changes

Service Disruption
First reported
Last updated
Happening score
H score 12
1 unique sources, 1 articles

Summary

Hide ▲

SoundCloud is blocking VPN access for some users, leaving them with 403 forbidden errors and temporary connectivity issues. The disruption has lasted four days and affects users who rely on VPNs to reach the platform in restricted regions. SoundCloud says configuration changes triggered the problem and that it is working to restore access.

Related Happenings

SonicWall MySonicWall cloud backup breach exposing firewall backup files

Data Leak
First: 29.01.2026 19:57 Last: 29.01.2026 19:57 Sources 1

About this happening: **SonicWall** said a **state-sponsored threat actor** stole **firewall configuration backup files** from its **MySonicWall cloud backup service** in a **September** security breac...

Open Happening

SoundCloud hit by network compromise

Incident
First: 27.01.2026 14:25 Last: 27.01.2026 14:25 Sources 1

About this happening: **SoundCloud** confirmed a **breach** that exposed personal and contact data from **29.8 million user accounts**, making the incident a major compromise of the audio streaming pla...

Open Happening

SoundCloud user data leak

Data Leak
First: 16.12.2025 02:38 Last: 16.12.2025 02:38 Sources 1

About this happening: SoundCloud confirmed a **data leak** after attackers stole a database containing user information, exposing **email addresses** and public-profile data for a large user base. The...

Open Happening

Akira SonicWall SSL VPN MFA-bypass campaign

Campaign
First: 28.09.2025 21:49 Last: 28.09.2025 21:49 Sources 1

About this happening: **Akira-affiliated** actors are causing **widespread compromise** of **SonicWall SSL VPN devices**, with Huntress reporting activity that began on **October 4, 2025** and impacted...

Latest development: 11.10.2025 16:30

Huntress warned that Akira-affiliated threat actors rapidly authenticated into multiple accounts across compromised SonicWall SSL VPN devices, affecting more than 100 accounts across 16 customer environments and beginning on October 4, 2025. In some cases the actors disconnected after a short time, while in others they performed network scanning and attempted to access local Windows accounts; authentications on the SonicWall devices originated from 202.155.8[.]73 and appeared to rely on valid credentials rather than brute force.

Open Happening

SonicWall SSL VPN access control flaw actively exploited (CVE-2024-40766)

Vulnerability
First: 11.09.2025 19:32 Last: 11.09.2025 19:32 Sources 1

About this happening: **CVE-2024-40766** is a **SonicWall SSL VPN** access control flaw that has been **actively exploited** to breach exposed devices, with **Akira ransomware** tied to the campaign. R...

Latest development: 29.09.2025 12:32

Akira ransomware remains active against SonicWall firewalls, with Arctic Wolf observing dozens of incidents over the past three months tied to CVE-2024-40766 abuse, SSL VPN logins from VPS hosting providers, Impacket SMB activity, and Active Directory discovery. The campaign targets SSL VPN accounts using OTP MFA, and Barracuda separately observed Akira affiliates using Datto RMM, backup agents, and PowerShell to gain control while avoiding security alerts.

Open Happening

Timeline

  1. 15.12.2025 20:20 2 articles · 5mo ago

    SoundCloud blocks VPN users with 403 errors after configuration changes

    Initial Disclosure

    SoundCloud says some configuration changes caused temporary connectivity issues for users accessing the service over VPNs, leaving them with 403 'forbidden' errors and blocking access to SoundCloud while the company works to resolve the problem.

    Show sources
    Open in new tab