CISA Warns of Actively Exploited 0-Day Vulnerabilities in VMware Tools and Aria Operations
The Cybersecurity and Infrastructure Security Agency (CISA) has raised alarm over the active exploitation of a critical privilege escalation vulnerability affecting Broadcom's VMware Tools...
New Agent-Aware Cloaking Technique Exploits OpenAI ChatGPT Atlas Browser to Serve Fake Content
Security researchers have uncovered a sophisticated attack vector that exploits how AI search tools and autonomous agents retrieve web content.
The vulnerability, termed "agent-aware...
CISA Publishes Security Best Practices for Hardening Microsoft Exchange Servers
The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the National Security Agency and international cybersecurity partners, has released a comprehensive security guidance...
AzureHound Penetration Tool Abused by Threat Actors to Enumerate Azure and Entra ID
The cybersecurity landscape continues to shift toward cloud-based attacks, with threat actors increasingly exploiting legitimate security tools for malicious reconnaissance.
AzureHound, a penetration testing...
Multiple Jenkins Flaws Include SAML Authentication Bypass and MCP Plugin Permission Issues
Jenkins automation server deployments face significant security risks following the disclosure of 14 distinct vulnerabilities spanning multiple plugins.
The security advisory reveals a widespread...
