A serious cybersecurity flaw in Cisco Webex Chat has been discovered, allowing unauthorized attackers to access the chat histories of organizations using the platform.
Identified in July 2024, the flaw exposed sensitive communications from potentially thousands of organizations, including IT help desks and customer service operations.
By infosecbulletin
/ Tuesday , April 1 2025
Israeli cybersecurity firm Check Point has responded to a hacker who claimed to have stolen valuable information from its systems....
Read More
By infosecbulletin
/ Tuesday , April 1 2025
Apple has issued an urgent security advisory about 3 critical zero-day vulnerabilities—CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085—that are being actively exploited in...
Read More
By infosecbulletin
/ Tuesday , April 1 2025
GreyNoise has detected a sharp increase in login scanning aimed at Palo Alto Networks PAN-OS GlobalProtect portals. In the past...
Read More
By infosecbulletin
/ Monday , March 31 2025
Canon has announced a critical security vulnerability, CVE-2025-1268, in printer drivers for its production printers, multifunction printers, and laser printers....
Read More
By infosecbulletin
/ Sunday , March 30 2025
RamiGPT is an AI security tool that targets root accounts. Using PwnTools and OpwnAI, it quickly navigated privilege escalation scenarios...
Read More
By infosecbulletin
/ Sunday , March 30 2025
Cybersecurity researcher Jeremiah Fowler recently revealed a sensitive data exposure involving the Australian fintech company Vroom by YouX, previously known...
Read More
By infosecbulletin
/ Sunday , March 30 2025
Safety Detectives' Cybersecurity Team found a forum post where a threat actor shared a .CSV file with over 200 million...
Read More
By infosecbulletin
/ Saturday , March 29 2025
The Federal Bureau of Investigation (FBI) is probing the cyberattack at Oracle (ORCL.N), opens new tab that has led to...
Read More
By infosecbulletin
/ Thursday , March 27 2025
OpenAI has increased its maximum bug bounty payout to $100,000, up from $20,000, to encourage the discovery of critical vulnerabilities...
Read More
By infosecbulletin
/ Thursday , March 27 2025
Splunk has released a security advisory about critical vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. These issues could lead...
Read More
Proof-of-Concept and Real-World Impact:
Researchers developed a proof-of-concept script showing how attackers can exploit a vulnerability using only minimal information, like the app UUID in the widget’s JavaScript or the domain hosting the chat, according to the Ophion Security blog.

Organizations using Cisco Webex Chat should promptly audit their systems to ensure they have the latest patched version of the software.
#
VMware issued a critical security advisory, VMSA-2025-0003, for vulnerabilities in VMware Aria Operations for Logs, VMware Aria Operations, and VMware Cloud Foundation.
The vulnerabilities CVE-2025-22218 to CVE-2025-22222 allow admin-level actions, posing a serious risk to affected systems.
VMware has released patches to address vulnerabilities rated with CVSSv3 scores between 5.2 and 8.5, urging customers to update promptly.
Affected Products
The vulnerabilities impact the following VMware products:
VMware Aria Operations for Logs (version 8.x)
VMware Aria Operations (version 8.x)
VMware Cloud Foundation (versions 4.x and 5.x)
VMware advises customers to promptly apply the patches from version 8.18.3 of VMware Aria Operations for Logs and VMware Aria Operations to fix vulnerabilities.