VMware ESXi zero-day exploits: over 30,000 instances at risk

What happened? 

In December 2025, Huntress researchers uncovered a sophisticated attack campaign targeting VMware ESXi hypervisors, revealing a threat actor had developed and weaponised exploits for three critical vulnerabilities well before their public disclosure and patching in March 2025. Forensic analysis of the toolkit revealed timestamps dating back to February 2024 – over a year before VMware’s public disclosure.  

The vulnerabilities – collectively referred to as “ESXicape” – allow attackers to escape the confines of a virtual machine (VM) and compromise the underlying hypervisor. The core of the attack was the deployment of a zero-day exploit toolkit that chained three ESXi vulnerabilities to achieve VM escape:

  • CVE-2025-22226 – an out-of-bounds read in HGFS, leaking memory from the VMX process and disclosing the base address needed for further exploitation. 
  • CVE-2025-22224 – a vulnerability in VMCI, allowing arbitrary code…