Category: CyberSecurityNews

VMware vCenter and NSX Vulnerabilities Let Attackers Enumerate Valid Usernames
30
Sep
2025

VMware vCenter and NSX Vulnerabilities Let Attackers Enumerate Valid Usernames

VMware has disclosed critical security vulnerabilities in vCenter Server and NSX platforms that could allow attackers to enumerate valid usernames…

VMware Tools and Aria Operations Vulnerabilities Let Attackers Escalate Privileges to Root
30
Sep
2025

VMware Tools and Aria Operations Vulnerabilities Let Attackers Escalate Privileges to Root

VMware has released an advisory to address three high-severity vulnerabilities in VMware Aria Operations, VMware Tools, VMware Cloud Foundation, VMware…

VMware Tools and Aria 0-Day Vulnerability Exploited for Privilege Escalation and Code Execution
30
Sep
2025

VMware Tools and Aria 0-Day Vulnerability Exploited for Privilege Escalation and Code Execution

A zero-day local privilege escalation vulnerability in VMware Tools and VMware Aria Operations is being actively exploited in the wild….

Western Digital My Cloud NAS Devices Vulnerability Let Attackers Execute Malicious Code
30
Sep
2025

Western Digital My Cloud NAS Devices Vulnerability Let Attackers Execute Malicious Code

Western Digital has released security updates for a critical vulnerability affecting multiple My Cloud network-attached storage (NAS) devices. The flaw,…

Apple Font Parser Vulnerability Enables Malicious Fonts to Crash or Corrupt Process Memory
30
Sep
2025

Apple Font Parser Vulnerability Enables Malicious Fonts to Crash or Corrupt Process Memory

Apple has rolled out security updates across its operating systems to address a vulnerability in the Font Parser component that…

New Malware-as-a-Service Olymp Loader Promises Defender-Bypass With Automatic Certificate Signing
29
Sep
2025

New Malware-as-a-Service Olymp Loader Promises Defender-Bypass With Automatic Certificate Signing

The cybersecurity community is currently observing a surge in interest around Olymp Loader, a recently unveiled Malware-as-a-Service (MaaS) platform written…

Malicious domain
29
Sep
2025

Hackers Trick Users to Download Weaponized Microsoft Teams to Gain Remote Access

A sophisticated cyber campaign is exploiting the trust users place in popular collaboration software, tricking them into downloading a weaponized…

New Harrods Data Breach Exposes 430,000 Customer Personal Records
29
Sep
2025

New Harrods Data Breach Exposes 430,000 Customer Personal Records

Luxury department store Harrods has disclosed a significant data breach affecting approximately 430,000 customer records after a third-party provider was…

New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data
29
Sep
2025

New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data

A sophisticated malware campaign has emerged that weaponizes seemingly legitimate productivity tools to infiltrate systems and steal sensitive information. The…

SVG Security Analysis Toolkit to Detect Malicious Scripts Hidden in SVG files
29
Sep
2025

SVG Security Analysis Toolkit to Detect Malicious Scripts Hidden in SVG files

As attackers increasingly leverage Scalable Vector Graphics (SVG) for stealthy code injection, security researchers face mounting challenges in detecting obfuscated…

New Spear-Phishing Attack Delivers DarkCloud Malware to Steal Keystrokes, FTP Credentials and Others
29
Sep
2025

New Spear-Phishing Attack Delivers DarkCloud Malware to Steal Keystrokes, FTP Credentials and Others

A newly observed spear-phishing campaign is leveraging sophisticated social engineering lures to distribute DarkCloud, a modular malware suite designed to…

JLR Confirms Phased Restart
29
Sep
2025

JLR Confirms Phased Restart of Operations Following Cyber Attack

Jaguar Land Rover (JLR) has confirmed it will begin a phased restart of its manufacturing operations in the coming days,…