• Daily CyberSecurity

The Cloud Infrastructure Services Providers in Europe (CISPE), an industry alliance representing European sovereign cloud infrastructure providers, has filed a legal complaint with the General Court o ... Read more

• BleepingComputer

Broadcom warned customers today about three VMware zero-days, tagged as exploited in attacks and reported by the Microsoft Threat Intelligence Center. The vulnerabilities (CVE-2025-22224, CVE-2025-222 ... Read more

• The Register

Fresh research suggests attackers are actively monitoring databases of vulnerabilities that are known to be useful in carrying out ransomware attacks. GreyNoise's annual Mass Internet Exploitation Rep ... Read more

• TheCyberThrone

Welcome to TheCyberThrone most exploited vulnerabilities review. This review is for the month of November 2024CVE-2024-9463: Palo Alto OS Command InjectionCVSS 3.1 Score : 9.9 CISA KEV: YesThis vuln ... Read more

• Cybersecurity News

Exploit chain to compromise the victim | Image: ESETIn a recent cybersecurity report, ESET researchers have unveiled a coordinated attack by the Russia-aligned threat actor RomCom, exploiting zero-day ... Read more

• Cybersecurity News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two critical vulnerabilities in VMware vCenter Server that are currently being exploited in the ... Read more

• TheCyberThrone

Vmware vulnerabilities have been exploited in attacks after the initial released patches failed to fix the flawThe vulnerabilities are tracked  as CVE-2024-38812 and CVE-2024-38813, released on Septem ... Read more

• security.nl

Aanvallers maken actief misbruik van twee kwetsbaarheden in VMware vCenter Server, waaronder een kritiek beveiligingslek dat het voor ongeauthenticeerde aanvallers mogelijk maakt om op afstand code op ... Read more

• The Hacker News

Vulnerability / Data Security Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersec ... Read more

• The Register

Two VMware vCenter server bugs, including a critical heap-overflow vulnerability that leads to remote code execution (RCE), have been exploited in attacks after Broadcom’s first attempt to fix the fla ... Read more

• BleepingComputer

​Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw. TZL security researchers reported the RCE vul ... Read more

• Cybersecurity News

The Wordfence Threat Intelligence team identified a severe authentication bypass vulnerability (CVE-2024-10924) in the Really Simple Security plugin, including its Pro and Pro Multisite versions. This ... Read more

• Cybersecurity News

Microsoft’s November 2024 Patch Tuesday addresses 92 vulnerabilities, including four critical and 83 deemed “important.” Notably, this release includes patches for four zero-day vulnerabilities active ... Read more

• Cybersecurity News

Apache ZooKeeper, the widely used centralized service for managing configuration and synchronization across distributed applications, has recently issued a security advisory regarding a significant vu ... Read more

• Cybersecurity News

Phishing Email | Image: CRILA recent report from Cyble Research and Intelligence Labs (CRIL) highlights a sophisticated phishing campaign deploying Strela Stealer, a malware designed to exfiltrate sen ... Read more

• Cybersecurity News

10K unique internet-facing IPs that run Ollama | Image: OligoOligo’s research team recently unveiled six vulnerabilities in Ollama, a popular open-source framework for running large language models (L ... Read more

• Cybersecurity News

Website owners using the AI Power: Complete AI Pack plugin are urged to update to the latest version immediately to patch a critical vulnerability that could lead to complete site takeover.The flaw, t ... Read more

• Cybersecurity News

The BackBox Team has just unleashed the latest iteration of their popular penetration testing and security auditing platform, BackBox Linux 9, codenamed “Noble Numbat.” This release is packed with upd ... Read more

• The Hacker News

Cyber Security / Hacking News Cybersecurity news can sometimes feel like a never-ending horror movie, can't it? Just when you think the villains are locked up, a new threat emerges from the shadows. T ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Fortinet releases patches for publicly undisclosed critical FortiManager vulnerability In the last cou ... Read more

• The Register

VMware has pushed a second patch for a critical, heap-overflow bug in the vCenter Server that could allow a remote attacker to fully compromise vulnerable systems after the first software update, issu ... Read more

• BleepingComputer

VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not correctly fixed in the first patch from September 2024 ... Read more

• Help Net Security

Broadcom has released new patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server, one of which hasn’t been fully addressed the first time and could allow attac ... Read more

• security.nl

VMware kwam vorige maand met een beveiligingsupdate voor een kritieke kwetsbaarheid in vCenter, waardoor servers op afstand zijn over te nemen. Het bedrijf laat nu weten dat die update onvoldoende is ... Read more

• The Hacker News

Vulnerability / Enterprise Security VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for remote code execution. The vulnerabil ... Read more

• Cybersecurity News

Image: DanielIn a detailed analysis by security researcher Daniel, a serious vulnerability in Zendesk’s email management system, tracked as CVE-2024-49193, has been revealed. This flaw exposes compani ... Read more

• Cybersecurity News

Image: Peter GabaldonSecurity researcher Peter Gabaldon published the technical details and proof-of-concept exploit code for two high-severity vulnerabilities, CVE-2024-7479 and CVE-2024-7481, which ... Read more

• Cybersecurity News

In a recent revelation, researchers at Akamai have identified a new attack vector exploiting vulnerabilities in the Common Unix Printing System (CUPS). This discovery highlights how everyday devices, ... Read more

• europa.eu

Cyber Brief (September 2024)October 1, 2024 - Version: 1.0TLP:CLEARExecutive summaryWe analysed 269 open source reports for this Cyber Brief1.Relating to cyber policy and law enforcement, in Europe, l ... Read more

• Cybersecurity News

Image: Pen Test PartnersSecurity researchers have disclosed two critical vulnerabilities in Proroute H685t-w 4G routers that could allow remote attackers to compromise affected devices, potentially le ... Read more

• Cybersecurity News

In a recently uncovered report by Trend Micro, the notorious RansomHub ransomware group has been found to leverage a powerful new tool, EDRKillShifter, to disable endpoint detection and response (EDR) ... Read more

• Cybersecurity News

Image: Nicholas StarkeIn a recent cybersecurity revelation, Nicholas Starke, a threat researcher at Aruba, a Hewlett Packard Enterprise company, unveiled the details of CVE-2024-20439, a severe vulner ... Read more

• Cybersecurity News

A recently disclosed security advisory has unveiled a critical vulnerability affecting FreeBSD’s bhyve hypervisor. Identified as CVE-2024-41721, this flaw carries a CVSS score of 9.8, reflecting its h ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Critical VMware vCenter Server bugs fixed (CVE-2024-38812) Broadcom has released fixes for two vulnera ... Read more

• TheCyberThrone

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, September 21, 2024.Microsoft Kernel Vulne ... Read more

• Cybersecurity News

The AutoVM team at Google has discovered that dependency scanning tools often mistakenly report vulnerabilities in software. These vulnerabilities may either pose no real security threat or require no ... Read more

• Help Net Security

Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow at ... Read more

• security.nl

Een kritieke kwetsbaarheid maakt het mogelijk om VMware vCenter-servers op afstand over te nemen. Broadcom heeft beveiligingsupdates uitgebracht om het probleem te verhelpen. VCenter is een oplossing ... Read more

• Help Net Security

Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can be triggered by sending a specially crafted network packet, and could lead to remote code execution (CVE-20 ... Read more

• The Hacker News

Virtualization / Network Security Broadcom on Tuesday released updates to address a critical security flaw impacting VMware vCenter Server that could pave the way for remote code execution. The vulner ... Read more

• The Register

Broadcom has emitted a pair of patches for vulnerabilities in VMware vCenter Server that a miscreant with network access to the software could exploit to completely commandeer a system. This also affe ... Read more

• BleepingComputer

Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via a network packet. vCenter Server is the central mana ... Read more