Unlock the White House Watch newsletter for free Your guide to what the 2024 US election means for Washington and the world The chair of the House China panel has urged JPMorgan Chase and Bank of America to halt work on the Hong Kong listing of Chinese battery maker CATL, in a further escalation of … Read more
Apr 08, 2025Ravie LakshmananNetwork Security / Vulnerability Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as CVE-2024-48887, carries a CVSS score of 9.3 out of a maximum of 10.0. “An unverified password change vulnerability [CWE-620] in FortiSwitch … Read more
U.S. technology giant Broadcom is warning that a trio of VMware vulnerabilities are being actively exploited by malicious hackers to compromise the networks of its corporate customers. The three vulnerabilities — collectively dubbed “ESXicape” by one security researcher — affect VMware ESXi, Workstation, and Fusion, which are widely used software hypervisor products that allow multiple … Read more
Influential proxy advisory firm Institutional Shareholder Services recommended on Friday that Apple investors vote against a proposal to consider eliminating the iPhone maker’s diversity, equity and inclusion policies. Apple’s disclosures offer shareholders sufficient information about its DEI policies and there have been no controversies or signs of discrimination against employee groups, ISS said. The company’s … Read more
Feb 05, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows – CVE-2024-45195 (CVSS score: 7.5/9.8) – A forced browsing vulnerability in Apache … Read more