VMware

A command injection vulnerability in Broadcom's VMware Aria Operations is under active exploitation, prompting CISA to set a March 24 federal remediation deadline.

A hardcoded-credential flaw in Dell RecoverPoint rated CVSS 10.0 let Chinese spies deploy three malware families and hide inside VMware infrastructure since mid-2024.