Update VMware Tools for Windows NOW: High-Severity Flaw Lets Hackers Bypass Authentication

Update VMware Tools for Windows NOW: High-Severity Flaw Lets Hackers Bypass Authentication

Image: Ferran Rodenas/Flickr/Creative Commons If you use VMware Tools for Windows, it is critical to update to the latest version. Broadcom, which acquired VMware for $69 billion in 2023, has issued a patch for a high-severity vulnerability that is actively being exploited by cybercriminals. The vulnerability affects VMware Tools for Windows versions 11.x.x and 12.x.x, but has been patched in version 12.5.1. Broadcom confirmed that no workarounds are available, so affected users should update immediately….

Read More

Microsoft Adds Even More AI to Its Security Copilot

Microsoft Adds Even More AI to Its Security Copilot

Vasu Jakkal, corporate vice president, Microsoft Security. Image: Microsoft Microsoft is raising the bar in the cybersecurity game with a new wave of AI-driven security agents. The company announced an expansion of its Microsoft Security Copilot, introducing six AI agents designed to tackle cyber threats head-on. These agents, set to launch in April 2025, will assist overwhelmed security teams in handling phishing attacks, data breaches, and identity threats. Cyberattacks have reached unprecedented levels, with Microsoft…

Read More

The Human Factor: Redefining Cybersecurity In The Age Of AI

The Human Factor: Redefining Cybersecurity In The Age Of AI

With 74% of breaches starting with people, securing the human layer is cybersecurity’s most urgent … More priority. getty It is a common mantra in cybersecurity that humans are the weakest link. It’s a notion I often push back on, because it is generally used as a sort of tacit excuse for why cybersecurity tools or processes fail, but there is also an element of truth to it. One of the key takeaways from Verizon’s…

Read More

FBI 'Increasingly Seeing' Malware Distributed In Document Converters

FBI 'Increasingly Seeing' Malware Distributed In Document Converters

Image: iStockphoto/domoyega Threat actors may attempt to distribute malware, including ransomware, by offering free document converters, according to a March 7 report from the FBI’s Denver office. “Agents are increasingly seeing” this type of scam. The scheme has been deployed globally, the FBI warned. How the document conversion scam works Threat actors behind the document converter scam disguise malicious software as a legitimate tool for file conversion. The software may claim to convert .doc files…

Read More

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters

Image: cynoclub/Envato Elements Apache Tomcat is under attack as cybercriminals actively exploit a recently disclosed vulnerability, enabling remote code execution (RCE). With simple HTTP requests, attackers can trigger the deserialisation of malicious data and gain control over affected systems. The vulnerability, CVE-2025-24813, was disclosed by Apache on March 10, with the first proof of concept being released on GitHub about 30 hours later, posted by user iSee857. Soon after, security firm Wallarm later saw that…

Read More

iPhone-Android: A Major Privacy Upgrade is Coming Soon

iPhone-Android: A Major Privacy Upgrade is Coming Soon

Image: vinnikava/Envato Elements Cross-platform encrypted messaging between iPhone and Android is coming soon, thanks to updated Rich Communication Services (RCS) standards. The GSM Association has announced that the latest RCS specifications now include end-to-end encryption based on the Messaging Layer Security protocol. This breakthrough, initially teased back in September, will finally allow secure, encrypted messaging between different mobile platforms. This is a huge privacy win — end-to-end encryption (E2EE) means nobody else can see your…

Read More

Medusa Ransomware: FBI & CISA Urge Immediate Action

Medusa Ransomware: FBI & CISA Urge Immediate Action

Image: DC_Studio/Envato Elements Federal cybersecurity officials are raising red flags over a surge in attacks by the Medusa ransomware group. First detected in June 2021, the group has gained traction recently by using basic but effective methods — like phishing emails and exploiting outdated software — to break into systems and hold data hostage. In a joint advisory released last week, the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and…

Read More

Will Cisco’s Free Tech Training for 1.5M People Help Close EU’s Skills Gap?

Will Cisco’s Free Tech Training for 1.5M People Help Close EU’s Skills Gap?

Roxana Mînzatu, Executive Vice-President for Social Rights and Skills, Quality Jobs and Preparedness and Cisco Chair and CEO Chuck Robbins. Image: Cisco Cisco recently announced its initiative to provide 1.5 million people in the European Union by 2030 free courses on basic digital skills. Cisco Chair and CEO Chuck Robbins said the plan also includes training 5,000 instructors in AI, cybersecurity, data science, and digital transformation to help professionals stay competitive in a rapidly evolving…

Read More

Patch Tuesday: Microsoft Fixes 57 Security Flaws

Patch Tuesday: Microsoft Fixes 57 Security Flaws

Image: Microsoft News Microsoft just dropped its March 2025 Patch Tuesday update, which includes 57 fixes though closer to 70 with third-party vulnerabilities included. The update addresses some critical security issues that require immediate attention, including the following six zero-day vulnerabilities that hackers are actively exploiting. CVE-2025-26633: A security hole in Microsoft Management Console that lets hackers bypass normal protections. They typically trick you into opening a specially designed file or website through email or…

Read More

Pressure Mounts for Apple as Brazilian Court Demands iOS Sideloading

Pressure Mounts for Apple as Brazilian Court Demands iOS Sideloading

A Brazilian court has dealt a major blow to Apple’s tightly controlled ecosystem, ordering the tech giant to allow sideloading on iOS within 90 days. The ruling follows similar mandates in the EU, signaling a global push for more open digital marketplaces. With Apple commanding nearly 60% of the U.S. mobile market and over 62% in Japan, the decision could set off a domino effect worldwide. How does sideloading affect iOS users? Sideloading occurs when…

Read More
1 2 3 4 5 30