[HackerNews] VMware Patches Important Bug Affecting ESXi, Workstation and Fusion Products

VMWare has shipped updates to Workstation, Fusion, and ESXi products to address an “important” security vulnerability that could be weaponized by a threat actor to take control of affected systems.
The issue relates to a heap-overflow vulnerability — tracked as CVE-2021-22045 (CVSS score: 7.7) — that, if successfully exploited, results in the execution of arbitrary code. The company credited

Source: Read More (The Hacker News)

You might be interested in …

[ThreatPost] Targeted AnyDesk Ads on Google Served Up Weaponized App

All posts, ThreatPost

Malicious ad campaign was able to rank higher in searches than legitimate AnyDesk ads. Source: Read More (Threatpost)

Read More

[SecurityWeek] Zero Trust, We Must

All posts, Security Week

Daily headlines about cyber-attacks and data breaches (e.g., City of Tulsa, Guess, Morgan Stanley, Rural Al read more Source: Read More (SecurityWeek RSS Feed)

Read More

[ThreatPost] Threat Group Takes Aim Again at Cloud Platform Provider Zoho

All posts, ThreatPost

Attackers that previously targeted the cloud platform provider have shifted their focus to additional products in the company’s portfolio. Source: Read More (Threatpost)

Read More