CISA: Ransomware intrusions exploiting VMware ESXi bug ongoing
Universities, schools, and other educational entities around the world experienced 251 ransomware intrusions last year, which is only 2% higher…
Tag: ESXi
CISA confirms exploitation of VMware ESXi flaw by ransomware attackers – Help Net Security
CVE-2025-22225, a VMware ESXi arbitrary write vulnerability, is being used in ransomware campaigns, CISA confirmed on Wednesday by updating the…
CISA: VMware ESXi flaw now exploited in ransomware attacks
CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape vulnerability that was previously…
VMware ESXi zero-day exploits: over 30,000 instances at risk
What happened? In December 2025, Huntress researchers uncovered a sophisticated attack campaign targeting VMware ESXi hypervisors, revealing a threat actor had developed…
ESXi Exploit Breaks VM Isolation and Compromises Hypervisors
Key Takeaways: A newly toolkit shows how attackers can break VM isolation and target the ESXi hypervisor. The exploit relies…
China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines
Jan 09, 2026Ravie LakshmananVirtualization / Vulnerability Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as…
China crew abused ESXi zero-days a year before disclosure
By Carly Page Publication Date: 2026-01-09 13:28:00 Chinese-linked cybercriminals were sitting on a working VMware ESXi hypervisor escape kit more…
VMware ESXi zero-days likely exploited a year before disclosure
Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have…
Chinese-speaking hackers exploited ESXi zero-days long before disclosure
Chinese-speaking hackers exploited ESXi zero-days long before disclosure Pierluigi Paganini January 09, 2026 Chinese-speaking attackers used a hacked SonicWall VPN…
.webp?ssl=1 "Hackers Exploiting VMware ESXi Instances in the Wild Using zero-day Exploit Toolkit")
Hackers Exploiting VMware ESXi Instances in the Wild Using zero-day Exploit Toolkit
Hackers are exploiting VMware ESXi instances in the wild with a zero-day exploit toolkit that chains multiple vulnerabilities for VM…