US Cybersecurity Agency Issues Warning on Active Exploitation of VMware vCenter, Zimbra, and Other PlatformsMon 26th Jan, 2026The United States Cybersecurity and Infrastructure Security Agency (CISA) has released an official alert regarding ongoing cyberattacks targeting multiple widely used IT solutions. The warning highlights vulnerabilities in VMware vCenter Server, Zimbra Collaboration Suite, Vite.js, Versa Concerto, and Prettier, emphasizing the urgent need for administrators to apply security updates across affected platforms. This high-severity vulnerability (CVSS 8.8) can be exploited without prior authentication via specially crafted requests to the "/h/rest" API endpoint. This high-severity vulnerability (CVSS 8.8) can be exploited without prior authentication via specially crafted requests to the "/h/rest" API endpoint. Attackers can trigger it by sending tailored network packets, enabling them to inject and execute arbitrary code on affected systems, potentially compromising entire virtual infrastructure environments.

Source: The Munich Eye January 26, 2026 18:36 UTC