The Register on MSN

China-linked cybercrims abused VMware ESXi zero-days a year before disclosure

Huntress analysis suggests VM escape bugs were already weaponized in the wild Chinese-linked cybercriminals were sitting on a ...
CSOonline

Chinese ‘Fire Ant’ spies start to bite unpatched VMware instances

Suspected China-aligned actors are running a new “Fire Ant” espionage campaign, active since early 2025, that targets VMWare ESXi, vCenter servers, and F5 appliances to achieve stealthy ...