A zero-day vulnerability, tracked as CVE-2024-44068, has been discovered in Samsung’s mobile processors and is being used in an exploit chain for arbitrary code execution. The vulnerability was given a critical CVSS score of 8.1 out of 10 and was… Article Source https://www.darkreading.com/endpoint-security/samsung-zero-day-vuln-under-active-exploit-google-warns
SecurityWeek reports that over 20,000 internet-exposed VMware ESXi hypervisors continue to be impacted by the actively exploited medium-severity authentication bypass vulnerability, tracked as CVE-2024-37085, by the end of July, one week after… Source link
Tenable security researchers found a high severity vulnerability in multiple Azure services that Microsoft has no plans to patch. The bug allows attackers to bypass Azure firewall rules using service tags. Microsoft claims it’s a client configuration issue and encourages customers to review security measures. Attackers can exploit the vulnerability to impersonate trusted Azure services … Read more
VMware has disclosed a critical vulnerability in its vCenter Server – and that it issued an update to fix it weeks ago, along with patches for unsupported versions of the software. The soon-to-be-acquired-by-Broadcom virtualization giant on Wednesday delivered news that its implementation of the Distributed Computing Environment/Remote Procedure Calls (DCERPC) protocol contains an out-of-bounds write … Read more