CISA flags VMware Aria Operations RCE flaw as exploited in attacks

The cybersecurity landscape is under siege as multiple threats have emerged in recent days, affecting major companies and platforms. A vulnerability in VMware Aria Operations, a widely used enterprise monitoring platform, has been flagged by the US Cybersecurity and Infrastructure Security Agency (CISA) as being exploited in attacks. Meanwhile, AkzoNobel, a multinational paint company, has confirmed a cyberattack on one of its US sites, and Facebook suffered a worldwide outage that left users unable to access their accounts.

According to CISA, the VMware vulnerability, tracked as CVE-2026-22719, has been added to its Known Exploited Vulnerabilities catalog, with federal civilian agencies required to address the issue by March 24, 2026. Broadcom, which owns VMware, has warned that it is aware of reports indicating the vulnerability is being exploited, but cannot independently confirm the claims. The vulnerability was originally disclosed and patched on February 24, 2026, as part of VMware's VMSA-2026-0001 advisory.

In a separate incident, AkzoNobel confirmed to BleepingComputer that hackers breached the network of one of its US sites, with the Anubis ransomware gang claiming to have stolen 170GB of data, including almost 170,000 files. The company said that the intrusion has been contained and the impact is limited, with affected parties being notified and supported.

Facebook, meanwhile, suffered a worldwide outage that prevented users from accessing their accounts. The outage, which began around 4:15 PM ET, was resolved several hours later, but the company has yet to provide any information on what caused the issue.

In addition to these incidents, Microsoft has warned that hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. The attacks target government and public-sector organizations with phishing links that prompt users to authenticate to a malicious application.

Furthermore, research has revealed that vehicle tire pressure sensors can be used to enable silent tracking of individuals. Like many other features and systems in modern cars, these sensors leak sensitive data that can be abused by threat actors.

These incidents highlight the ongoing cybersecurity threats faced by individuals and organizations, and the need for vigilance and proactive measures to protect against these threats. As the cybersecurity landscape continues to evolve, it is essential to stay informed and take steps to mitigate the risks.

In the case of the VMware vulnerability, CISA has required federal civilian agencies to address the issue by March 24, 2026. Broadcom has also warned that it is aware of reports indicating the vulnerability is being exploited, and has urged customers to apply the patch as soon as possible.

AkzoNobel has taken steps to contain the breach and notify affected parties, but the incident highlights the need for robust cybersecurity measures to prevent such incidents. Facebook, meanwhile, has yet to provide any information on what caused the outage, but the incident serves as a reminder of the importance of having robust systems in place to prevent such disruptions.

The OAuth phishing attacks highlighted by Microsoft demonstrate the need for individuals and organizations to be cautious when clicking on links and authenticating to applications. It is essential to verify the authenticity of requests and to use robust phishing protections to prevent such attacks.

Finally, the research on vehicle tire pressure sensors highlights the need for manufacturers to prioritize cybersecurity in the development of modern cars. As the use of connected devices and sensors becomes more widespread, it is essential to ensure that these systems are designed with security in mind to prevent the leakage of sensitive data.

In conclusion, the recent cybersecurity threats and incidents highlight the ongoing risks faced by individuals and organizations. It is essential to stay informed, take proactive measures to protect against these threats, and prioritize cybersecurity in the development of modern systems and devices.