VMware has issued a warning about a serious vulnerability in its Aria Operations platform. The CVE-2025-22231 vulnerability allows attackers to escalate privileges, gaining root-level control over the affected system. VMware has classified this issue as Important, and cybersecurity experts emphasize…
Recently, Dell Technologies identified several critical vulnerabilities in its Unity, UnityVSA, and Unity XT storage systems and released security updates to mitigate them. These vulnerabilities allow attackers to gain unauthorized access, execute commands with root privileges, and delete critical system…
Active Exploitation of CVE-2025-2825 Vulnerability! 🔴 After the discovery of an authentication bypass vulnerability in CrushFTP, cybercriminals have started actively exploiting it. According to data from the Shadowserver Foundation, as of March 30, 2025, 1,512 vulnerable servers remain exposed to…
Apple has announced the discovery of three new zero-day vulnerabilities that are currently being actively exploited by cybercriminals. These vulnerabilities, identified as CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085, pose a significant threat to iPhones, iPads, Macs, and other Apple ecosystem devices. Hackers…
🔴 Appsmith users, stay alert! Appsmith is an open-source software platform widely used for building internal applications. However, serious security vulnerabilities have recently been discovered, which could allow attackers to remotely execute arbitrary commands. The most critical vulnerability is CVE-2024-55963,…
A critical vulnerability has been discovered in NetApp SnapCenter software, posing a significant security risk. This vulnerability allows authenticated users to escalate their privileges to an administrator level on remote systems, potentially leading to infrastructure compromise and data breaches. 📌…
🔍 Cybercriminals are increasingly using sophisticated techniques to inject malicious code into the NPM repository. Although the number of malicious packages seemed to decline in 2023–2024, this trend has not continued in 2024. Recently, security researchers identified two NPM packages…
🔍 Cybersecurity experts have discovered a serious vulnerability in the Splunk system. This flaw allows attackers to upload malicious files and execute arbitrary code within the system. Splunk has identified a Remote Code Execution (RCE) vulnerability, CVE-2025-20229, in its Splunk…
Cybersecurity threats continue to escalate, putting the confidential data of companies and organizations at risk. On March 21, 2025, a serious security vulnerability was discovered in CrushFTP, allowing attackers to bypass authentication and gain access to the system through HTTPS…
As virtualization technologies continue to advance, a new security vulnerability—CVE-2025-22230—has been discovered in VMware Tools for Windows. This flaw allows attackers to bypass authentication in a Windows guest virtual machine and gain elevated privileges. CVE-2025-22230 affects VMware Tools for Windows…