Unofficial patches are available for a new Windows zero-day vulnerability that allows remote attackers to steal NTLM credentials by deceiving targets into opening malicious files in Windows Explorer. NTLM has been widely exploited in NTLM relay attacks (where threat actors force vulnerable network devices to authenticate to attacker-controlled servers) and …

On Tuesday, VMware issued an urgent fix for a security flaw in its VMware Tools for Windows. CVE-2025-22230 allows a malicious user with basic access on a Windows guest virtual machine to execute high-privilege tasks within that VM. VMware’s important bulletin states that an authentication bypass bug, due to improper …

Kubernetes users of the Ingress NGINX Controller are advised to fix four newly found remote code execution ( RCE) vulnerabilities, which have a CVSS score of 9.8. Wiz Security named four vulnerabilities “IngressNightmare” that affect the admission controller of the popular open-source software used for directing external traffic to Kubernetes …

Next.js, a widely used React framework for building full-stack web applications, has fixed a serious security vulnerability. Used by many large companies, Next.js facilitates rapid development with advanced React features and Rust-based JavaScript tools. A recent security advisory has highlighted a critical authorization bypass issue that requires urgent action from …

A hacker known as “rose87168” claims to have stolen six million records from Oracle Cloud servers. The stolen data includes Java Key Store (JKS) files, encrypted Single Sign-On (SSO) passwords, hashed LDAP passwords, key files, and Enterprise Manager Java Platform Security (JPS) keys. Stolen Data on Dark Web Forums: Stolen …

Operation Zero, a Russian zero-day broker, is offering up to $4 million for Telegram exploits. They seek $500K for one-click RCE, $1.5M for zero-click RCE, and $4M for a full-chain exploit that can fully compromise a device. The firm only sells exploits to the Russian government and local companies. We …

Threat actors are exploiting a component of CheckPoint’s ZoneAlarm antivirus to bypass Windows security measures. Nima Bagheri, a security researcher in Austin and founder of Venak Security, announced a new Bring Your Own Vulnerable Driver (BYOVD) attack in a report on March 20. Threat actors exploited vulnerabilities in vsdatant.sys, a …

IBM has resolved two critical vulnerabilities in its AIX operating system that could allow command execution. The list of shortcomings, which impact AIX versions 7.2 and 7.3, is below: CVE-2024-56346 (CVSS score: 10.0) – A vulnerability that allows a remote attacker to run any commands through the AIX nimesis NIM …

WhatsApp has patched a zero-click, zero-day vulnerability used to install Paragon’s Graphite spyware following reports from security researchers at the University of Toronto’s Citizen Lab. The company addressed the attack vector late last year “without the need for a client-side fix” and decided not to assign a CVE-ID after “reviewing …

CISA has issued a critical alert about a critical vulnerability in Fortinet’s FortiOS and FortiProxy systems. CVE-2025-24472, an authentication bypass vulnerability, has been added to CISA’s Known Exploited Vulnerabilities catalog. Fortinet FortiOS Authentication Bypass Vulnerability: Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to …