Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks. “External control of…
Tag: VMware
AI, Exploits, Global Security News, Risk Management
Broadcom releases VMware Fusion security update for root access bug
Broadcom patched a high-severity VMware Fusion flaw, CVE-2026-41702, that could let local attackers gain root privileges. Broadcom released a security update for VMware Fusion to address a high-severity vulnerability, tracked as CVE-2026-41702, that could allow local attackers to escalate privileges to root on affected systems. The flaw is a time-of-check time-of-use (TOCTOU) vulnerability affecting operations…
Endpoint, Global Security News
Kyber ransomware gang toys with post-quantum encryption on Windows
A new Kyber ransomware operation is targeting Windows systems and VMware ESXi endpoints in recent attacks, with one variant implementing Kyber1024 post-quantum encryption. […]
AI, Apps, Global Security News
Broadcom introduces zero-trust runtime for scalable AI agents
Broadcom has announced VMware Tanzu Platform agent foundations, introducing a secure-by-default agentic runtime designed to accelerate the delivery of autonomous AI applications. By extending the trusted code-to-production simplicity of Tanzu Platform to AI agents, Broadcom is enabling enterprise developers to move beyond siloed AI experiments and into scalable, governed production on VMware Cloud Foundation (VCF).…
Exploits, Global Security News
VMware Aria Operations Bug Exploited, Cloud Resources at Risk
Exploitation of the command injection flaw in VMware Aria Operations could grant an attacker broad acess to victims’ cloud environments.
AI, APAC, Compliance, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2026-22719 (CVSS…
Cybersecurity, Exploits, Global Security News
CISA flags VMware Aria Operations RCE flaw as exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks. […]
AI, Exploits, Global Security News, Network Security, Risk Management
VMware fixes command injection flaw in Aria Operations
VMware has released patches for several high- and medium-risk vulnerabilities that impact its Aria Operations, Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure products. The most serious of these flaws allows unauthenticated attackers to execute arbitrary commands on the underlying OS, while another gives authenticated users the ability to elevate to administrator privileges. The…
AI, APAC, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
VMware Aria Vulnerabilities Expose RCE Risk
Broadcom has disclosed three vulnerabilities in VMware Aria Operations, including one that could allow unauthenticated remote code execution during product migrations. One of the flaws, CVE-2026-22719, can allow an attacker “… to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress,” said Broadcom…
AI, APAC, Compliance, Exploits, Global Security News, Risk Management
VMware Aria Operations flaws could enable remote attacks
Broadcom patched multiple VMware Aria Operations flaws, including high-severity issues that could enable remote code execution. Broadcom has released security updates to address multiple vulnerabilities affecting VMware Aria Operations. VMware Aria Operations is an IT operations management platform that helps organizations monitor and optimize virtual, cloud, and hybrid environments. It provides performance monitoring, capacity planning,…
AI, Global Security News, Risk Management
CloudBolt Study: 86% of VMware Users Trim Usage Post-Broadcom
When Broadcom acquired VMware in 2023, many IT leaders braced for impact. Two years later, the crash some predicted hasn’t happened, but the slow restructuring of enterprise IT is very real. CloudBolt research shows longer-term shifting strategies around VMware That’s the key takeaway from new January 2026 research by CloudBolt Software, which surveyed 302 North…
Global Security News
VIDEO: The New Scale Computing – How an Unlikely Acquisition Is Building an Edge Computing Empire
From a VMware alternative to a full-spectrum edge platform — inside Scale Computing’s ambitious post-acquisition
AI, Global Security News
The 400,000-Line Rebellion: How VergeIO Is Betting That Less Code Means More Cloud
A self-funded startup from Ann Arbor, Michigan, claims it can replace VMware, Nutanix, and your entire infrastructure stack — with a single piece of software that fits on a mini PC. And Broadcom keeps handing them customers.
AI, Global Security News
The 400,000-Line Rebellion: How VergeIO Is Betting That Less Code Means More Cloud
A self-funded startup from Ann Arbor, Michigan, claims it can replace VMware, Nutanix, and your entire infrastructure stack — with a single piece of software that fits on a mini PC. And Broadcom keeps handing them customers.
AI, Global Security News
The 400,000-Line Rebellion: How VergeIO Is Betting That Less Code Means More Cloud
A self-funded startup from Ann Arbor, Michigan, claims it can replace VMware, Nutanix, and your entire infrastructure stack — with a single piece of software that fits on a mini PC. And Broadcom keeps handing them customers.
AI, CISA, Don't miss, Exploits, Global Security News, Hot stuff, News
CISA confirms exploitation of VMware ESXi flaw by ransomware attackers
CVE-2025-22225, a VMware ESXi arbitrary write vulnerability, is being used in ransomware campaigns, CISA confirmed on Wednesday by updating the vulnerability’s entry in its Known Exploited Vulnerabilities (KEV) catalog. Researchers linked VMware ESXi zero-day trio to single exploit toolkit Broadcom fixed CVE-2025-22225, CVE-2025-22224 (a heap overflow vulnerability) and CVE-2025-22226 (an information disclosure flaw) in VMware…