Latest HPE news

Latest HPE news

HPE warns of maximum severity RCE flaw in OneView software

Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables attackers to execute arbitrary code remotely.
- Sergiu Gatlan
- December 18, 2025
- 06:35 AM
- 0
HPE warns of hardcoded passwords in Aruba access points

Hewlett-Packard Enterprise (HPE) is warning of hardcoded credentials in Aruba Instant On Access Points that allow attackers to bypass normal device authentication and access the web interface.
- Bill Toulas
- July 20, 2025
- 10:09 AM
- 1
New Webinar: Choose Your Own Investigation — Browser Attack Edition

Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
- Push Security Sponsorship
Hewlett Packard Enterprise warns of critical StoreOnce auth bypass

Hewlett Packard Enterprise (HPE) has issued a security bulletin to warn about eight vulnerabilities impacting StoreOnce, its disk-based backup and deduplication solution.
- Bill Toulas
- June 03, 2025
- 04:55 PM
- 0
HPE notifies employees of data breach after Russian Office 365 hack

Hewlett Packard Enterprise (HPE) is notifying employees whose data was stolen from the company's Office 365 email environment by Russian state-sponsored hackers in a May 2023 cyberattack.
- Sergiu Gatlan
- February 07, 2025
- 02:21 PM
- 0
HPE investigates breach as hacker claims to steal source code

Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company's developer environments.
- Sergiu Gatlan
- January 20, 2025
- 02:06 PM
- 0
HPE warns of critical RCE flaws in Aruba Networking access points

Hewlett Packard Enterprise (HPE) released updates for Instant AOS-8 and AOS-10 software to address two critical vulnerabilities in Aruba Networking Access Points.
- Bill Toulas
- November 07, 2024
- 10:47 AM
- 0
HPE Aruba Networking fixes critical flaws impacting Access Points

HPE Aruba Networking has fixed three critical vulnerabilities in the Command Line Interface (CLI) service of its Aruba Access Points, which could let unauthenticated attackers gain remote code execution on vulnerable devices.
- Sergiu Gatlan
- September 26, 2024
- 08:11 AM
- 0
HPE investigates new breach after data for sale on hacking forum

Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information.
- Sergiu Gatlan
- February 05, 2024
- 01:33 PM
- 0
HPE: Russian hackers breached security team's email accounts

Hewlett Packard Enterprise (HPE) disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company's Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments.
- Lawrence Abrams
- January 24, 2024
- 04:50 PM
- 0
HPE says hackers breached Aruba Central using stolen access key

HPE has disclosed that data repositories for their Aruba Central network monitoring platform were compromised, allowing a threat actor to access collected data about monitored devices and their locations.
- Lawrence Abrams
- November 10, 2021
- 05:19 PM
- 0
New Windows 10 21H2 build comes with improved WiFi security

Microsoft has released Windows 10 21H2 19044.1200 with the awaited new Windows Hello security feature, WPA3 HPE support, and GPU computing in the Windows Subsystem for Linux.
- Lawrence Abrams
- August 18, 2021
- 03:23 PM
- 5
HPE fixes critical zero-day vulnerability disclosed in December

Hewlett Packard Enterprise (HPE) has released a security update to address a zero-day remote code execution vulnerability disclosed last year, in December.
- Sergiu Gatlan
- May 27, 2021
- 09:15 AM
- 0
HPE discloses critical zero-day in server management software

Hewlett Packard Enterprise (HPE) has disclosed a zero-day bug in the latest versions of its proprietary HPE Systems Insight Manager (SIM) software for Windows and Linux.
- Sergiu Gatlan
- December 16, 2020
- 09:55 AM
- 0
HPE fixes maximum severity remote auth bypass bug in SSMC console

Hewlett Packard Enterprise (HPE) has fixed a maximum severity remote authentication bypass vulnerability affecting the company's HPE StoreServ Management Console (SSMC) data center storage management solution.
- Sergiu Gatlan
- October 23, 2020
- 06:22 PM
- 0
HPE Warns of New Bug That Kills SSD Drives After 40,000 Hours

Hewlett Packard Enterprise (HPE) is once again warning its customers that certain Serial-Attached SCSI solid-state drives will fail after 40,000 hours of operation, unless a critical patch is applied.
- Ionut Ilascu
- March 24, 2020
- 06:26 PM
- 4
Ransomware Hits HPE iLO Remote Management Interfaces

Attackers are targeting Internet accessible HPE iLO 4 remote management interfaces, supposedly encrypting the drives, and then demanding Bitcoins to get access to the data again. While it has not been 100% confirmed if the hard drives are actually being encrypted, we do know that multiple victims have been affected by this attack.
- Lawrence Abrams
- April 25, 2018
- 05:13 PM
- 4