Latest Stories

Stay up-to-date with everything at Approach

Blog article

Weekly Digest Week 13 – 2025

Publication date

28.03.2025

Featured Story

Broadcom Warns of Authentication Bypass in VMware Windows Tools

Broadcom has released a security advisory addressing a high-severity authentication bypass vulnerability in VMware Tools for Windows (CVE-2025-22230). The flaw allows a local low-privileged user to gain higher privileges on the virtual machine. This issue is present in versions 12.x.y and 11.x.y of VMware Tools for Windows.

The company has released updated versions of VMware Tools to resolve this issue and urges users to upgrade to a fixed version as soon as possible. The flaw specifically impacts Windows guests and not other operating systems.

SOC Analysis:
Exploitation of this flaw could allow lateral movement within compromised networks. The ability to elevate privileges makes it a prime candidate for follow-up attacks or post-exploitation actions. Upgrade VMware Tools in your environment urgently to minimize exposure.

Other Stories

CrushFTP Urges Immediate Patching of Unauthenticated Access Flaw

CrushFTP has disclosed a critical vulnerability (CVE-2025-2825) allowing unauthenticated attackers to access its HTTP(S) ports. This affects both v10 and v11, and updates are available in versions 10.8.4+ and 11.3.1+.

SOC Analysis:
This vulnerability is currently being exploited in the wild. If your CrushFTP instance is public-facing and unpatched, it could allow attackers to bypass authentication and gain direct access to the interface. Immediate patching is advised.

VSCode Marketplace Removes Extensions Deploying Early-Stage Ransomware

Two malicious extensions, “ahban.shiba” and “ahban.cychelloworld”, were recently removed from the Visual Studio Code Marketplace. They delivered early-stage ransomware payloads and affected over 50,000 installations.

SOC Analysis:
This incident highlights the importance of reviewing third-party extensions in development environments. Enforce extension whitelists

OTHER STORIES

Contact us to learn more about our services and solutions

Our team will help you start your journey towards cyber serenity

Do you prefer to send us an email?