In a move that surprised absolutely no one who’s ever heard the term ‘cybersecurity,’ hackers have found yet another way to infiltrate the supposedly secure AG Series gateways by Array Networks, who, ironically, are more surprised than the rest of us.

JPCERT/CC recently confirmed the active exploitation of a command injection vulnerability that has been merrily exploited since August 2025, because why protect a gateway when you can have a ‘welcome all’ sign instead? The vulnerability is rooted in Array’s DesktopDirect, which seems to be better at directly inviting cybercriminals than actually securing desktops.

Array Networks, who were apparently under the impression that ignoring such issues would make them go away, finally addressed the gap in May 2025, akin to locking your door months after thieves have made themselves at home. For those concerned, rest assured: the hackers have complimented the company on providing such a user-friendly backdoor experience.