New critical flaws (CVE-2024-22245 & CVE-2024-22250) in VMware's EAP plugin pose security risks by allowing attackers to hijack Active Directory accounts and privileged EAP sessions. Users are advised to uninstall the plugin immediately to mitigate potential cyber threats. Additionally, a critical vulnerability in VMware vSphere Plug-in has been identified, enabling session hijacking, further emphasizing the importance of cybersecurity measures in the face of evolving threats. In a separate development, a Microsoft Exchange flaw (CVE-2024-21410) has the potential to impact a significant number of servers, highlighting the pervasive nature of cybersecurity vulnerabilities across various platforms.