#vmware-esxi

[ follow ]
#vm-escape #sonicwall-vpn-compromise #zero-day-vulnerabilities #chinese-linked-cybercrime
fromThe Hacker News
1 week ago

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024. Cybersecurity firm Huntress, which observed the activity in December 2025 and stopped it before it could progress to the final stage, said it may have resulted in a ransomware attack.
Information security
Information security
fromTheregister
1 week ago

China crew abused ESXi zero-days a year before disclosure

Chinese-linked cybercriminals possessed a working VMware ESXi hypervisor escape kit developed by February 2024, exploiting ESXi CVEs to escape guest VMs and compromise hypervisors.
Information security
fromTechzine Global
1 month ago

Ransomware increasingly targeting hypervisors

Attackers increasingly target hypervisors (VMware ESXi, Microsoft Hyper-V) to compromise entire virtual environments, enabling large-scale ransomware impact by controlling the virtualization layer.
Information security
fromThe Hacker News
5 months ago

Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure

Scattered Spider targets VMware ESXi hypervisors, employing social engineering to bypass security measures and conduct precise, campaign-driven attacks.
[ Load more ]