A newly discovered vulnerability in VMware products allows attackers to execute remote code by sending specially crafted network packets. This critical-severity flaw poses a serious risk for organizations using affected VMware systems, as it could lead to unauthorized access and control over their networks. VMware has not specified which products are impacted, but the nature of the vulnerability suggests that any systems relying on VMware technologies could be at risk. Companies should prioritize patching their systems as soon as updates are available to prevent potential exploitation. The urgency is heightened as this vulnerability is now a target for attackers.
Articles tagged "Critical"
Found 915 articles
The Hacker News
In late December 2025, the Russian hacking group Sandworm attempted a significant cyber attack on Poland's power sector, described by officials as the largest of its kind targeting the country's energy infrastructure. The attack involved a new type of malware called DynoWiper, which was designed to disrupt power operations. Fortunately, the attack was thwarted, and Poland's energy minister, Milosz Motyka, confirmed that the country's cyberspace forces detected and responded to the threat in time. This incident emphasizes the ongoing risks facing critical infrastructure from state-sponsored actors and highlights the importance of robust cybersecurity measures in protecting essential services. As cyber threats continue to evolve, organizations must remain vigilant to safeguard against potential disruptions.
Security Affairs
Researchers have discovered a critical vulnerability in the GNU InetUtils telnet daemon (telnetd), tracked as CVE-2026-24061, which has remained unnoticed for nearly 11 years. This flaw affects all versions from 1.9.3 to 2.7 and has a high severity score of 9.8, indicating a significant risk. If exploited, attackers could gain root access to affected systems, posing a serious threat to security. This vulnerability impacts a variety of systems that rely on GNU InetUtils, making it imperative for users and organizations to address this issue promptly. As this flaw has been present for so long, it raises concerns about the security practices in place for maintaining software.
A serious vulnerability has been discovered in all versions of GNU InetUtils telnetd, specifically those ranging from 1.9.3 to 2.7. This flaw, which allows remote attackers to bypass authentication, has gone unnoticed for nearly 11 years. Given the age of this issue, many systems may still be running vulnerable versions, putting users at risk. The discovery emphasizes the need for organizations to audit their systems and ensure they are not using outdated software. Users and administrators should take immediate action to update or patch their systems to mitigate potential exploitation.
Cyber Centaurs, a digital forensics firm, discovered critical attacker infrastructure while investigating a ransomware incident involving a U.S. client. This operational security lapse allowed the firm to recover data that the attackers had encrypted. The incident serves as a reminder of the vulnerabilities that organizations face when dealing with ransomware, particularly if they fail to maintain strict security protocols. Companies should take this case as a warning to enhance their cybersecurity measures, as ransomware attacks can have devastating consequences for both data integrity and business operations. The recovery of the data also raises questions about the methods used by attackers and the potential for further exploitation of the exposed infrastructure.
In 2025, various hacktivist groups such as Z-Pentest, Dark Engine, and Sector 16 ramped up their attacks on critical infrastructure, specifically targeting industrial control systems (ICS), operational technology (OT), and Human Machine Interface (HMI) environments. These attacks pose significant risks as they can disrupt essential services that rely on these systems, including utilities and manufacturing processes. By focusing on ICS and OT, these groups are not just seeking to cause chaos but are also likely aiming to draw attention to specific political or social issues. This increase in activity highlights the vulnerabilities in these crucial sectors and raises concerns about the potential for more severe consequences if these systems are compromised. Companies and organizations that manage such infrastructure need to bolster their cybersecurity defenses to prevent potential disruptions.
Hackers are actively exploiting a serious vulnerability in the GNU InetUtils telnetd server that has been around for 11 years. This flaw allows attackers to bypass authentication and gain root access, which poses a significant risk to systems still using this service. Organizations that rely on telnetd are at risk of unauthorized access, potentially leading to data breaches or system compromise. Security experts are urging affected users to address this vulnerability immediately to prevent exploitation. Given the age of the flaw, many systems might still be running unpatched versions, making them easy targets for attackers.
MITRE has introduced a new framework called the Embedded Systems Threat Matrix, aimed at enhancing cybersecurity measures for embedded systems, which are often found in critical infrastructure. This initiative is crucial as these systems are increasingly targeted by cyber threats, impacting industries such as healthcare, manufacturing, and transportation. The new matrix provides a structured way to identify potential vulnerabilities and attack vectors specific to embedded systems, helping organizations better defend against these risks. By focusing on this area, MITRE is addressing a growing concern in cybersecurity, as the reliance on embedded systems continues to expand. This framework is expected to guide developers and security professionals in implementing stronger protections for these essential technologies.
During the Pwn2Own Automotive 2026 event, security researchers successfully exploited 76 zero-day vulnerabilities, earning a total of $1,047,000 over three days from January 21 to January 23. This event showcases the ongoing challenges in automotive cybersecurity, where researchers target vulnerabilities in vehicle software and systems. The financial rewards for discovering these exploits underscore the critical need for automakers to prioritize security in their products. These vulnerabilities could potentially be exploited by malicious actors, posing risks to vehicle safety and user privacy. As vehicles become increasingly reliant on software and connectivity, addressing these weaknesses is essential for protecting consumers and maintaining trust in automotive technology.
GitLab has addressed a serious vulnerability in its authentication services that allowed attackers to bypass two-factor authentication (2FA). This flaw was due to an unchecked return value, which meant that if an attacker knew a target's account ID, they could submit fake device responses to gain unauthorized access. The issue is particularly concerning as it undermines a key security feature—2FA—that many users rely on to protect their accounts. GitLab has released patches to fix this vulnerability, and users are urged to update their systems promptly to ensure their accounts remain secure. This incident serves as a reminder of the importance of robust security measures in software development and the need for vigilance against potential exploits.
Concerns have arisen over China's electric buses, which are currently in use across Australia and Europe. These buses have been found to have vulnerabilities that could be exploited by cybercriminals. Additionally, there is a worrying feature described as a virtual kill switch, which could potentially be activated by the Chinese government. This has prompted the Australian government to review the security implications of these vehicles. The situation raises significant questions about the safety of critical infrastructure and the potential risks posed by foreign technology in public transport systems.
A watchdog group has filed a lawsuit against the Transportation Security Administration (TSA) seeking the release of a data-sharing agreement with U.S. Immigration and Customs Enforcement (ICE). This legal action comes just one day after a TSA official defended the data-sharing practice during a congressional hearing, labeling it essential for national security. The lawsuit raises concerns about privacy and the extent of collaboration between federal agencies regarding personal data. The outcome could influence how government agencies manage and share information related to travelers, particularly in the context of immigration enforcement. This issue is significant as it touches on civil liberties and the balance between security measures and individual rights.
The Hacker News
A serious vulnerability has been discovered in the GNU InetUtils telnet daemon (telnetd) that has existed for nearly 11 years. This flaw, identified as CVE-2026-24061, allows attackers to bypass authentication remotely and gain root access to affected systems. It impacts all versions of GNU InetUtils from 1.9.3 to 2.7. Given its high CVSS score of 9.8, this vulnerability poses a significant risk to organizations still using these versions. Users and administrators should prioritize addressing this issue to prevent unauthorized access to their systems.
A failure in operational security by the INC ransomware group has allowed researchers to recover data stolen from 12 U.S. organizations. This incident highlights vulnerabilities in the ransomware gang's methods, which typically aim to keep their operations hidden and secure. The affected organizations were able to regain access to their compromised data, which could lessen the impact of the attack. Such operational oversights by attackers can provide critical opportunities for recovery and response for victims. This situation serves as a reminder for organizations to remain vigilant and proactive in their cybersecurity measures to protect against ransomware threats.
A recent report by the World Economic Forum indicates a significant lack of confidence among cybersecurity professionals in Latin America regarding their countries' ability to defend against cyberattacks targeting critical infrastructure. The findings suggest that many experts believe their nations are not adequately prepared to handle potential threats, which could lead to serious vulnerabilities in essential services. This lack of faith is concerning, especially as cyberattacks continue to rise globally. The situation calls for urgent attention to improve cybersecurity measures and training in the region. Without stronger defenses, critical infrastructure may remain at risk of attacks that could disrupt services and endanger public safety.