A SAML token signature bypass vulnerability in VMware Tools was responsibly reported to VMware with a maximum CVSSv3 base score of 7.5. Updates are available to remediate this vulnerability in the affected VMware products.
400+ IPs Exploiting Multiple SSRF Vulnerabilities
By infosecbulletin
/ Wednesday , March 12 2025
GreyNoise warns of a coordinated increase in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities across various platforms. "At least...
Read More
NVIDIA has released update for NVIDIA Riva
By infosecbulletin
/ Wednesday , March 12 2025
NVIDIA has released a software update for Riva to fix security vulnerabilities that could allow privilege escalation, data tampering, denial...
Read More
CVE-2025-24201
Apple fixes 0-day exploited in “extremely sophisticated attack”
By infosecbulletin
/ Wednesday , March 12 2025
On Tuesday, Apple fixed a critical zero-day vulnerability affecting nearly all supported iPhones and iPads. The company noted that it...
Read More
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws
By infosecbulletin
/ Wednesday , March 12 2025
Microsoft's March 2025 Patch Tuesday update fixes 57 flaws, including seven zero-day exploits, six of which are actively being exploited....
Read More
Ballista Botnet infects 6000 Unpatched TP-Link Routers
By infosecbulletin
/ Tuesday , March 11 2025
Cato CRTL team said, a new botnet campaign dubbed Ballista target the unpatched TP-Link Archer routers. CVE-2023-1389 is a serious...
Read More
CVE-2025-24813
Flaw in Apache Tomcat Exposes Servers to RCE
By infosecbulletin
/ Tuesday , March 11 2025
A critical vulnerability, CVE-2025-24813, has been found in Apache Tomcat, which could let attackers execute remote code, leak sensitive data,...
Read More
CISA Adds 3 Ivanti Endpoint Manager Bugs to KEV
By infosecbulletin
/ Tuesday , March 11 2025
CISA included three vulnerabilities in Ivanti Endpoint Manager—CVE-2024-13159, CVE-2024-13160, and CVE-2024-13161—in its Known Exploited Vulnerabilities catalog. Federal agencies must address...
Read More
Ransomware Attacks Set Records in February: New Data Shows
By infosecbulletin
/ Sunday , March 9 2025
Ransomware attacks reached a record high in February, surpassing previous months, according to a Cyble report. The Cyble report tracked...
Read More
Cyber attack at Japanese telecom leader NTT hits 18,000 companies
By infosecbulletin
/ Saturday , March 8 2025
NTT Communications Corporation discovered illegal access to its facilities on February 5 and confirmed on February 6 that some information...
Read More
Cyber heist: Pune losses Rs 6007 crore in cyber scam
By infosecbulletin
/ Friday , March 7 2025
India's Maharashtra Deputy Chief Minister Devendra Fadnavis disclosed alarming cyber fraud figures for Pune in 2024 during the Assembly session....
Read More
Click here to read full report.