VulnHub

Everest ransomware has claimed responsibility for a data breach affecting legacy Polycom systems owned by HP Inc. The attackers allege that they have stolen around 90GB of internal data. HP has yet to confirm the breach or provide details about the incident. This situation raises concerns about the security of legacy systems, which often have vulnerabilities that can be exploited by cybercriminals. As organizations increasingly rely on such systems, the potential for significant data theft becomes a pressing issue that companies need to address.

Hewlett Packard Enterprise (HPE) has addressed a serious security vulnerability in its OneView software that allows unauthenticated remote code execution. This flaw, identified as CVE-2025-37164, has been rated with a CVSS score of 10.0, indicating its critical nature. HPE OneView, used for managing IT infrastructure, could potentially allow attackers to take control of affected systems without needing to authenticate. This vulnerability can impact organizations relying on this software for IT operations, making it crucial for users to apply the necessary updates to safeguard their environments. HPE's prompt action to patch this flaw is vital in preventing potential exploitation by malicious actors.

Hewlett Packard Enterprise (HPE) has released a critical patch for a severe vulnerability in its HPE OneView software that allows attackers to execute arbitrary code remotely. This flaw poses a significant risk as it could enable cybercriminals to take control of affected systems without any user intervention. Organizations using HPE OneView are urged to apply the patch immediately to protect their infrastructure from potential exploitation. The impact of this vulnerability could be extensive, affecting businesses that rely on this software for managing their IT environments. Users should ensure they are running the latest version to mitigate this serious threat.