On March 4, 2025, Broadcom published a critical security advisory on 3 new zero-day vulnerabilities affecting multiple VMware products. Learn more!| Rapid7
The virtualization giant advised customers to immediately deploy patches and said it’s not aware of any exploitation in the wild.| Cybersecurity Dive
Ransomware groups continue to target VMware because they know the virtualization infrastructure is vulnerable and lacks security tools, threat researchers said.| Cybersecurity Dive
The threat actor primarily installed cryptomining software onto affected systems. In some cases, however, it deployed Cobalt Strike beacons, Blackberry found.| Cybersecurity Dive
Recent flaws earned the company CISA's 10th emergency directive, the latest in a series of potential high-impact flaws for enterprise users.| Cybersecurity Dive
Advisory ID: | Support Portal
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.How to use the KEV CatalogThe KEV catalog is also available in these formats:| Cybersecurity and Infrastructure Security Agency CISA
Common vulnerabilities and Exposures (CVE)| www.cve.org