Cyber Security

CISA confirms exploitation of VMware ESXi flaw by ransomware attackers

CISA confirms exploitation of VMware ESXi flaw by ransomware attackers

CVE-2025-22225, a VMware ESXi arbitrary write vulnerability, is being used in ransomware campaigns, CISA confirmed on Wednesday by updating the vulnerability’s entry in its Known Exploited Vulnerabilities (KEV) catalog. Researchers linked VMware ESXi zero-day trio to single exploit toolkit Broadcom fixed CVE-2025-22225, CVE-2025-22224 (a heap overflow vulnerability) and CVE-2025-22226 (an information disclosure flaw) in VMware ESXi, Workstation, and Fusion in early March 2025. At the time of their disclosure, Broadcom said that they have information … More

The post CISA confirms exploitation of VMware ESXi flaw by ransomware attackers appeared first on Help Net Security.

Read More

Related Posts

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

Malicious NGINX Configurations Enable Large-Scale Web T...

Microsoft launches LiteBox, a security-focused open-source library OS

Microsoft launches LiteBox, a security-focused open-sou...

The Buyer’s Guide to AI Usage Control

The Buyer’s Guide to AI Usage Control

OpenAI Frontier organizes AI agents under one system

OpenAI Frontier organizes AI agents under one system

Varonis acquires AllTrue.ai to enable safe, compliant AI at scale

Varonis acquires AllTrue.ai to enable safe, compliant A...

Why a decade-old EnCase driver still works as an EDR killer

Why a decade-old EnCase driver still works as an EDR ki...