Patch now - this new botnet is targeting HPR OneView vulnerabilities

The critical flaw represents real-world risk ...
theregister

RondoDox botnet linked to large-scale exploit of critical HPE OneView bug

A critical HPE OneView flaw is now being exploited at scale, with Check Point tying mass, automated attacks to the RondoDox botnet. The security outfit says it has identified "large-scale exploitation ...
Infosecurity-magazine.com

RondoDox Botnet Targets HPE OneView Vulnerability in Exploitation Wave

An active, coordinated exploitation campaign conducted by a botnet has been identified by Check Point Research which is targeting a critical vulnerability affecting HPE OneView. The activity has been ...
SDxCentral

CISA warns critical HPE OneView bug is in the wild and being exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has warned a critical vulnerability in software from Hewlett Packard Enterprise (HPE) is being actively exploited. A bug in the ...
CSOonline

CISA flags max-severity bug in HPE OneView amid active exploitation

The flaw allows remote code execution via a public REST API, giving attackers a direct path to compromise enterprise infrastructure. A max-severity remote code execution (RCE) flaw in HPE’s OneView ...
theregister

CISA flags actively exploited Office relic alongside fresh HPE flaw

CISA has added a pair of security holes to its actively exploited list, warning that attackers are now abusing a maximum-severity bug in HPE's OneView management software and a years-old flaw in ...
heise online

Patch now! Attackers are targeting HPE OneView and PowerPoint

Currently, unknown attackers are targeting macOS systems via a seventeen-year-old security vulnerability in PowerPoint with malicious code. HPE's IT management system, OneView, is also currently ...
Bleeping Computer

CISA tags max severity HPE OneView flaw as actively exploited

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a maximum-severity HPE OneView vulnerability as actively exploited in attacks. HPE's OneView infrastructure management ...
Dark Reading

Maximum Severity HPE OneView Flaw Exploited in the Wild

A maximum-severity vulnerability in OneView, HPE's software-defined management platform, has come under attack, according to the Cybersecurity and Infrastructure Security Agency (CISA). CVE-2025-37164 ...
SecurityWeek

Critical HPE OneView Vulnerability Exploited in Attacks

The US cybersecurity agency CISA on Wednesday warned that a critical-severity vulnerability in the OneView product from Hewlett Packard Enterprise (HPE) has been exploited in attacks. Tracked as ...
The Hacker News

CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting Microsoft Office and Hewlett Packard Enterprise (HPE) OneView to its Known Exploited ...
aha.org

H-ISAC TLP White Threat Bulletin: Active Exploitation of Critical HPE OneView RCE Flaw (CVE-2025-37164)

A maximum-severity vulnerability in HPE OneView, tracked as CVE-2025-37164, is being actively exploited in the wild. This unauthenticated remote code execution (RCE) flaw carries a CVSS score of 10.0, ...