A new cybersecurity alert from the US National Security Agency warns that Russian “state-sponsored” hackers are actively exploiting a software vulnerability in multiple products made by cloud computing company VMware Inc.
The NSA said organisations should apply “as soon as possible” a software patch provided by the company on Saturday.
If successfully exploited, the vulnerability would allow a hacker to execute operating system commands remotely on the infected device, allowing for the theft or corruption of data, according to the NSA alert.
A separate cybersecurity alert by VMware states that the hackers would first need to gain access to a user’s account through a stolen password to fully take advantage of the vulnerability.
The Russian government has consistently denied any involvement in malicious cyber activity.
This is not the first time the NSA has warned of foreign state-sponsored hacking through a public technical report.
The spy agency has been releasing a series of similar reports, detailing hacks by China as well, since the launch of its own internal cyber defense unit in 2019, known as the NSA Cybersecurity Directorate.
