Collaborate Disseminate
Ivanti, VMware, and Zoom released fixes for dozens of vulnerabilities in their products on April 2025 Patch Tuesday.
The post Vulnerabilities Patched by Ivanti, VMware, Zoom appeared first on SecurityWeek.
Continue reading Vulnerabilities Patched by Ivanti, VMware, Zoom
CVE-2025-22230 is described as an “authentication bypass vulnerability” by Broadcom, allowing hackers to perform high-privilege operations without the necessary credentials. Continue reading Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication
The authentication bypass vulnerability, tagged as CVE-2025-22230, carries a CVSS severity score of 7.8/10.
The post VMware Patches Authentication Bypass Flaw in Windows Tools Suite appeared first on SecurityWeek.
Continue reading VMware Patches Authentication Bypass Flaw in Windows Tools Suite
A year after VMware ESXi servers faced ransomware attacks, new zero-day vulnerabilities are being exploited, posing risks to organizations worldwide. Continue reading Critical Zero-Day Vulnerabilities Found in These VMware Products
Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days.
The post Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks appeared first on Se… Continue reading Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks
Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation.
The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek.
Continue reading Broadcom Patches 3 VMware Zero-Days Exploited in the Wild
BlackLock is on track to become the most active ransomware-as-a-service (RaaS) outfit in 2025, according to ReliaQuest. Its success is primarily due to their unusually active presence and good reputation on the ransomware-focused Russian-language forum… Continue reading BlackLock ransomware onslaught: What to expect and how to fight it
VMWare calls attention to patches for multiple ‘high-risk’ security defects in its Aria Operations and Aria Operations for Logs products.
The post VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products appeared first on SecurityWeek.
Continue reading VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products
VMware warns that a malicious user with network access may be able to use specially crafted SQL queries to gain database access.
The post VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer appeared first on SecurityWeek.
Continue reading VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer
About a year after Broadcom’s acquisition of VMware, the company released VMware Tanzu Data Services to make connections to some third-party data engines easier. Continue reading VMware Explore Barcelona 2024: Tanzu Platform 10 Enters General Availability