Aggregator

You must login to view this content

Researchers identified 13 critical vulnerabilities in Tridium’s widely-deployed Niagara Framework that could allow attackers to compromise building automation systems and collect sensitive network data.  The vulnerabilities, affecting versions 4.10u10 and earlier, as well as 4.14u1 and earlier, enable attackers with network access to execute sophisticated attack chains resulting in complete system compromise, including root-level remote […]

The post Multiple Vulnerabilities in Tridium Niagara Framework Let Attacker to Collect Sensitive Data from the Network appeared first on Cyber Security News.

Christina Marie Chapman, an Arizona resident, was sentenced to 8.5 years in prison for her role in a wide-ranging North Korean IT worker scam that sent $17 million to the outlaw country. Chapman ran a laptop farm from her home, validated stolen U.S. identities for the scammers, and transferred money overseas to the bad actors.

The post U.S. Woman Sentenced to 8.5 Years for Role in North Korean Worker Scam appeared first on Security Boulevard.

Two critical vulnerabilities in the VMware Guest Authentication Service (VGAuth) component of VMware Tools allow local attackers to escalate privileges from any user account to SYSTEM-level access on Windows virtual machines.  The vulnerabilities, tracked as CVE-2025-22230 and CVE-2025-22247, affect VMware Tools installations across ESXi-managed environments and standalone VMware Workstation deployments. Key Takeaways1.  VMware Tools VGAuth […]

The post Critical VMware Tools VGAuth Vulnerabilities Enable Full System Access for Attackers appeared first on Cyber Security News.