Google fixes Chrome zero-day security flaw used in hacking campaign targeting journalists
Kaspersky attributed the hacks to an espionage campaign targeting journalists and employees at educational institutions.
CSO Online13h
VMware plugs a high-risk vulnerability affecting its Windows-based virtualization
Improper access control issues in VMware Tools for Windows could allow privilege escalation on affected virtual machines.
SecurityWeek20h
Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky
Chrome vulnerability CVE-2025-2783 was chained with a second exploit for remote code execution in attacks targeting ...
Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication
CVE-2025-22230 is described as an "authentication bypass vulnerability" by Broadcom, allowing hackers to perform high-privilege operations without the necessary credentials.
FBI warns about document conversion sites spreading malware
The FBI warns that some free online document converters load malware onto people's computers, making their private information vulnerable to attack.
The Hacker News21h
New Security Flaws Found in VMware Tools and CrushFTP — High Risk, No Workaround
VMware Tools flaw CVE-2025-22230 enables high-privilege actions on Windows VMs + No workaround + Patch in 12.5.1.
Infosecurity Magazine11h
Threat Actors Abuse Trust in Cloud Collaboration Platforms
Threat actors are exploiting cloud platforms like Adobe and Dropbox to evade email gateways and steal credentials ...