China-linked Cybercriminals Exploit VMware ESXi Vulnerabilities
First seen 9 Jan 2026, 15:51 UTC
•
•58% similarity
•33
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Chinese-linked cybercriminals utilized a VMware ESXi hypervisor escape kit to target the ESXi hypervisor. Researchers from Huntress reported that the toolkit was in development as early as February 2024 and was used in an intrusion observed in December 2025. The attack involved sophisticated techniques to break out of virtual machines.
ThreatCluster AI