CyberSecurity updates
2025-01-31 05:31:15 Pacific

ESXi Ransomware Attacks Utilize SSH Tunneling - 3d

Ransomware groups are exploiting VMware ESXi hypervisors using SSH tunneling to maintain stealthy access. Attackers leverage known vulnerabilities or stolen admin credentials to infiltrate ESXi instances, then use the built-in SSH service for lateral movement and ransomware deployment. This allows the attackers to remain undetected while encrypting virtual environments.

VMware Avi Load Balancer SQL Injection Vulnerability - 1d

A critical blind SQL injection vulnerability (CVE-2025-22217) has been discovered in the VMware Avi Load Balancer. Attackers with network access can exploit this flaw by sending specially crafted SQL queries, potentially gaining unauthorized access to the underlying database. This could lead to significant data breaches and system compromise. The vulnerability allows an attacker to bypass authentication and gain direct access to the database where sensitive information is stored. This is a major issue for organizations using Avi Load Balancer, requiring immediate patching.

VMware Patches Multiple Vulnerabilities in Aria Operations - 1d

VMware addressed five vulnerabilities in its Aria Operations product (formerly VMware vRealize Operations). These vulnerabilities could allow privilege escalation and Cross-Site Scripting (XSS) attacks. The vulnerabilities range in severity, emphasizing the importance of promptly installing security patches for cloud management platforms. This highlights the need for continuous security updates and robust vulnerability management in enterprise software.