VMware ESXi zero-days likely exploited a year before disclosure

Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted ...
Dark Reading

Chinese Threat Actor Abused ESXi Zero-Day to Pilfer Files From Guest VMs

A Chinese cyber-espionage group that researchers previously have spotted targeting VMware ESXi hosts has quietly been exploiting a zero-day authentication bypass flaw in the virtualization technology ...
SecurityWeek

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

Analysis of a recent attack targeting VMware ESXi vulnerabilities from March 2025 revealed an exploit developed a year before ...
Dark Reading

BlackByte Targets ESXi Bug With Ransomware to Access Virtual Assets

Threat actors using the infamous BlackByte ransomware strain have joined the rapidly growing number of cybercriminals targeting a recent authentication bypass vulnerability in VMware ESXi to ...
TechRepublic

Microsoft Says Ransomware Groups Are Exploiting the Newly-Patched VMware ESXi Flaw

Microsoft Says Ransomware Groups Are Exploiting the Newly-Patched VMware ESXi Flaw Your email has been sent A vulnerability in the ESXi hypervisor was patched by VMware last week, but Microsoft has ...
Ars Technica

Hackers exploit VMware vulnerability that gives them hypervisor admin

Microsoft is urging users of VMware’s ESXi hypervisor to take immediate action to ward off ongoing attacks by ransomware groups that give them full administrative control of the servers the product ...
ZDNet

Ransomware gangs are abusing VMWare ESXi exploits to encrypt virtual hard disks

At least two major ransomware gangs are abusing vulnerabilities in the VMWare ESXi product to take over virtual machines deployed in enterprise environments and encrypt their virtual hard drives. The ...