A critical out-of-bounds write vulnerability, CVE-2025-22224, has been identified in VMware ESXi servers, leaving approximately 37,000 systems exposed to cyberattacks. The flaw has been actively exploited by local attackers with administrative privileges, allowing them to execute code on the host system. While Broadcom, the vendor for VMware, has acknowledged this and two other related vulnerabilities as zero-days, details on the attack origins and specific targets remain undisclosed. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has mandated that federal and state organizations must apply necessary updates by March 25, 2025, or discontinue the use of vulnerable systems.

Critical Flaw Exposes 37,000 VMware Servers to Active Cyberattacks BleepingComputer

Cybercriminals have dramatically improved their attack strategies over the past year, achieving lateral movement within networks and data theft in remarkably short timeframes. Current research indicates that the average time for attackers to move laterally is now just 48 minutes, with some cases as brief as 51 seconds. This increase in speed is attributed to attackers refining their methods, leveraging legitimate tools to avoid detection, and targeting administrative credentials. Furthermore, the time from initial breach to data exfiltration has decreased to roughly two days in 2024, with some incidents occurring in under an hour, underscoring a pressing need for organizations to enhance their cybersecurity measures.

Cybercriminals Slash Attack Times: Data Theft Now Takes Just Hours Cyberscoop

Oracle's federal electronic health record (EHR) system experienced a major outage on Tuesday, affecting multiple agencies including the Department of Veterans Affairs (VA) and the Department of Defense. The disruption impacted several VA facilities and raised concerns about continuity of care for veterans. The outage, which began around 8:37 a.m. and was resolved by 2:05 p.m., led affected sites to implement contingency measures for patient care. Oracle is investigating the cause of the outage, which is part of ongoing challenges associated with the EHR system following its acquisition of Cerner in 2022, with the VA expressing prior concerns about patient safety and system effectiveness.

Oracle's EHR System Outage Disrupts Care for Veterans and Agencies Nationwide CNBC

Users of x.com have reported access issues potentially linked to specific privacy-related browser extensions. The platform recommends disabling these extensions as a troubleshooting measure to restore functionality. While this situation may cause temporary inconvenience, adjusting browser settings is expected to resolve the problems. This incident underscores the tension between online privacy protections and website accessibility. Users are encouraged to follow the guidance and check if their access improves after making the adjustments.

x.com Users Urged to Disable Privacy Extensions to Resolve Access Issues X