QNAP warns customers of an actively exploited Roon Server zero-day bug and eCh0raix ransomware attacks targeting their Network Attached Storage (NAS) devices. The Taiwan-based NAS appliance maker urges customers to “act immediately”” to protect their data. The company also fixed a command injection vulnerability in the Malware Remover app on Thursday. This security flaw would allow remote attackers to execute arbitrary commands on devices running vulnerable app versions of Roon Labs’ Roon server 2021-02-01.”
Source: https://www.bleepingcomputer.com/news/security/qnap-warns-of-ech0raix-ransomware-attacks-roon-server-zero-day/