The China-linked attacks utilizing ‘Brickstorm’ backdoors have targeted long-term persistence on VMware vCenter and ESXi servers, according to the U.S. Cybersecurity and Infrastructure Security Agency.
A wave of China-linked espionage attacks has been observed targeting VMware vSphere systems, and have gained long-term persistence in some cases, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
In an advisory Thursday, CISA disclosed that the attacks—utilizing a sophisticated backdoor known as “Brickstorm”—have targeted VMware vCenter and ESXi servers.
[Related: 10 Major Cyberattacks And Data Breaches In 2025 (So Far)]
Meanwhile, CrowdStrike’s Counter Adversary Operations team reported Thursday that it has identified “multiple intrusions” against U.S. customers of Broadcom-owned VMware throughout…
