Category: Security Advisory

Posted in Security Advisory

vCenter Is the Crown Jewel: What “Exploitation in the Wild” Really Means for VMware Admins

 Piotr Tarnawski  14 January 2026

Before you read : TL;DR: Broadcom confirmed active exploitation of critical VMware vCenter Server vulnerabilities (CVE-2024-38812 / CVE-2024-38813). Separately, threat intel reporting shows China-nexus operators…

Continue Reading
Posted in AI Security Advisory Uncategorized

How Anyone Could Hijack Your Flowise Account — Without Knowing Your Password

 Piotr Tarnawski  19 September 2025

What is Flowise? Flowise is an open-source platform for building AI-powered applications such as chatbots and agent systems. It provides a visual drag-and-drop interface that…

Continue Reading
Posted in Security Advisory

VMware Security Advisory: VMSA-2025-0013 – Critical Vulnerabilities in VMware Products

 Piotr Tarnawski  16 July 2025

Affected Products: Introduction VMware Security Team has released VMSA-2025-0013, addressing several critical vulnerabilities across a range of VMware products. These vulnerabilities could potentially lead to…

Continue Reading
Posted in Security Advisory Uncategorized

Major Change Alert: VMware Patch Downloads Now Require Tokens

 Piotr Tarnawski  13 June 2025

Broadcom has rolled out a significant change that affects all VMware patching workflows: shared public patch URLs are no longer supported. From now on, every…

Continue Reading
Posted in Security Advisory

Cybersecurity Wake-Up Call: RVTools Users Targeted in Shocking Malware Campaign – What every VMware admin needs to know right now!

 Piotr Tarnawski  26 May 2025

If you’re a systems engineer, VMware admin, or IT pro who swears by RVTools, this one’s going to hit hard: the official RVTools websites —…

Continue Reading
Posted in Security Advisory

VMware Aria Operations 8.18 HF5: Enhancing Performance, Closing Security Gaps

 Piotr Tarnawski  2 April 2025

VMware has recently released VMware Aria Operations 8.18 Patch 5, a crucial update aimed at enhancing stability, security, and functionality within Aria Operations environments. This…

Continue Reading
Posted in Security Advisory

VMware Releases Critical Security Updates for ESXi, Workstation, and Fusion (VMSA-2025-0004)

 Piotr Tarnawski  4 March 2025

VMware has released critical and important security patches for VMware ESXi, VMware Workstation, and VMware Fusion to remediate multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226). These issues…

Continue Reading
Posted in Security Advisory

VMware vCenter Server Vulnerability Patch Released: VMSA-2024-0019

 Piotr Tarnawski  22 October 2024

VMware has issued a critical patch for vCenter Server, addressing two significant vulnerabilities: CVE-2024-38812 and CVE-2024-38813, both of which pose serious security risks. These vulnerabilities,…

Continue Reading
Posted in Security Advisory

VMSA-2024-0021: Addressing SQL Injection Vulnerability in VMware HCX (CVE-2024-38814)

 Piotr Tarnawski  16 October 2024

On October 16, 2024, VMware released a security advisory (VMSA-2024-0021) regarding a high-severity SQL injection vulnerability (CVE-2024-38814) found in VMware HCX, a crucial component for…

Continue Reading
Posted in Security Advisory

VMware Security Advisory: VMSA-2024-0019 – Critical Vulnerabilities in VMware vCenter Server

 Piotr Tarnawski  17 September 2024

On September 17, 2024, VMware issued a critical security advisory (VMSA-2024-0019) addressing two significant vulnerabilities affecting VMware vCenter Server and VMware Cloud Foundation. The vulnerabilities—CVE-2024-38812…

Continue Reading