-
VMware has released an advisory to address three high-severity vulnerabilities in VMware Aria Operations, VMware Tools, VMware Cloud Foundation, VMware Telco Cloud Platform, and VMware Telco Cloud Infrastructure. Disclosed on 29 September 2025, the advisory covers CVE-2025-41244, CVE-2025-41245, and CVE-2025-41246 with CVSSv3 base scores ranging from 4.9 to 7.8. Administrators must apply the patched versions […] The post VMware Tools and Aria Operations Vulnerabilities Let Attackers Escalate Privileges to Root appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Western Digital has released security updates for a critical vulnerability affecting multiple My Cloud network-attached storage (NAS) devices. The flaw, tracked as CVE-2025-30247, could allow a remote attacker to execute arbitrary code on vulnerable systems, potentially leading to a complete device takeover. The company addressed the high-severity issue in My Cloud Firmware version 5.31.108, which […] The post Critical Western Digital My Cloud NAS Devices Vulnerability Let Attackers Execute Malicious Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Broadcom released VMSA-2025-0016 to address three key vulnerabilities affecting VMware vCenter Server and NSX products. The vulnerabilities include an SMTP header injection in vCenter (CVE-2025-41250) and two distinct username enumeration flaws in NSX …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apple has rolled out security updates across its operating systems to address a vulnerability in the Font Parser component that could allow malicious fonts to crash applications or corrupt process memory. The vulnerability, identified as CVE-2025-43400, affects a wide range of products, including the newly released macOS Tahoe and iOS 26, as well as older […] The post Apple Font Parser Vulnerability Enables Malicious Fonts to Crash or Corrupt Process Memory appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Luxury department store Harrods has become the latest victim of a significant cybersecurity incident after hackers successfully accessed personal data belonging to 430,000 customers. The prestigious London retailer confirmed that threat actors contacte…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
VMware has disclosed critical security vulnerabilities in vCenter Server and NSX platforms that could allow attackers to enumerate valid usernames and manipulate system notifications. The vulnerabilities, tracked as CVE-2025-41250, CVE-2025-41251, and CVE-2025-41252, affect multiple VMware products, including Cloud Foundation, vSphere Foundation, NSX, NSX-T, and Telco Cloud platforms. Broadcom, which acquired VMware, released a security advisory […] The post VMware vCenter and NSX Vulnerabilities Let Attackers Enumerate Valid Usernames appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated cybercriminal group known as Lunar Spider successfully compromised a Windows machine through a single malicious click, establishing a foothold that allowed them to harvest credentials and maintain persistent access for nearly two months…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have identified a sophisticated campaign where threat actors are using malicious advertisements and search engine optimization poisoning to distribute fake Microsoft Teams installers containing the Oyster backdoor malware. The…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated cyber campaign is exploiting the trust users place in popular collaboration software, tricking them into downloading a weaponized version of Microsoft Teams to gain remote access to their systems. Threat actors are using search engine optimization (SEO) poisoning and malicious advertisements to lure unsuspecting victims to fraudulent download pages, a tactic that closely […] The post Hackers Trick Users to Download Weaponized Microsoft Teams to Gain Remote Access appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Luxury department store Harrods has disclosed a significant data breach affecting approximately 430,000 customer records after a third-party provider was compromised. The hackers behind the attack have contacted the retailer, but Harrods has stated it will not engage with the threat actor, suggesting a potential ransom demand was made. The breach, which Harrods first communicated […] The post New Harrods Data Breach Exposes 430,000 Customer Personal Records appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
