In October, VMware fixed a critical remote code execution vulnerability in its vCenter Server (CVE-2023-34048) and Cloud Foundation enterprise products that are used to manage virtual machines across hybrid clouds. It has now come to light that a Chinese cyberespionage group had been exploiting the vulnerability for 1.5 years before the patch became available.
“These findings stem from Mandiant’s continued research of the novel attack paths used by UNC3886, which historically…