More results...
Impacting VMware Aria Operations and VMware Tools, the flaw can be exploited to elevate privileges on the VM.
The post Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability appeared first on SecurityWeek.
Broadcom patched six VMware flaws, including CVE-2025-41244, which has been exploited in the wild as a zero-day since mid-October 2024 by UNC5174 Broadcom addressed six VMware vulnerabilities, including four high-severity issues. One of these flaws, tracked as CVE-2025-41244 (CVSS score 7.8), allows local users to escalate to root via VMware Tools and Aria Operations. “VMware […]
The flaws could allow attackers to escalate privileges, manipulate notifications, and enumerate usernames.
The post High-Severity Vulnerabilities Patched in VMware Aria Operations, NSX, vCenter appeared first on SecurityWeek.
A new report from Google’s GTIG reveals how UNC3944 (0ktapus) uses social engineering to compromise Active Directory, then exploits VMware vSphere for data theft and direct ransomware deployment. Understand their tactics and learn vital mitigation steps.
The financially motivated group is pivoting from Active Directory to VMware vSphere environments, deploying ransomware from the hypervisor.
The post Scattered Spider Targeting VMware vSphere Environments appeared first on SecurityWeek.
Chinese cyberespionage group Fire Ant is targeting virtualization and networking infrastructure to access isolated environments.
The post Chinese Spies Target Networking and Virtualization Flaws to Breach Isolated Environments appeared first on Securit…
VMware patched flaws disclosed during the Pwn2Own Berlin 2025 hacking contest, where researchers earned $340,000 for exploiting them. Broadcom four vulnerabilities in VMware products demonstrated at Pwn2Own Berlin 2025. White hat hackers earned over $340,000 for VMware exploits, including $150,000 awarded to STARLabs SG for using an integer overflow flaw to compromise VMware ESXi. Below […]
Four CVEs disclosed at the Pwn2Own Berlin 2025 hacking competition have been patched in VMware products.
The post VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched appeared first on SecurityWeek.
VMware patches flaws that expose users to data leakage, command execution and denial-of-service attacks. No temporary workarounds available.
The post NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch appeared first on SecurityWeek.
The official site for RVTools has apparently been hacked to serve a compromised installer for the popular utility, a security researcher has warned. It’s difficult to say how long the malicious version has been available for download, but the web…