Software abuse at source

Hackers are abusing the MSBuild environment to embedded malicious code into applications to evade detection. Attackers are abusing MSBuild to evade defences and implant Cobalt Strike beacons – SANS Internet Storm Centre

VMware vulnerability

A serious vulnerability in VMware has been discovered: VMSA-2021-0029 (vmware.com) As the article on The Register says “ignore this at your peril”. Over Log4j? VMware has another critical flaw for you to fix • The Register