Bill Toulas 
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws in its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting Progress Kemp LoadMaster. The flaw,… Source link
The new ‘Helldown’ ransomware operation is believed to target vulnerabilities in Zyxel firewalls to breach corporate networks, allowing them to steal data and encrypt devices. French cybersecurity firm Sekoia is reporting this with… Source link
VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not correctly fixed in the first patch from September 2024. The flaw is rated critical (CVSS v3.1… Source link
VMware released security updates to fix critical sandbox escape vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation products, allowing attackers to escape virtual machines and access the host operating system. These types of flaws are critical as they could permit attackers to gain unauthorized access to the host system where a hypervisor is installed … Read more
A new Linux variant of the Bifrost remote access trojan (RAT) employs several novel evasion techniques, including the use of a deceptive domain that was made to appear as part of VMware. First identified twenty years ago, Bifrost is one of the longest-standing RAT threats in circulation. It infects users via malicious email attachments or payload-dropping … Read more
The RansomHouse ransomware operation has created a new tool named ‘MrAgent’ that automates the deployment of its data encrypter across multiple VMware ESXi hypervisors. RansomHouse is a ransomware-as-a-service (RaaS) operation that emerged in December 2021 and is using double extortion tactics. In May 2022, the operation set up a dedicated victim extortion page on the dark web. … Read more