Threat Post

Partially Unpatched VMware Bug Opens Door to Hypervisor Takeover

ESXi version 7 users are still waiting for a full fix for a high-severity heap-overflow security vulnerability, but Cloud Foundation, Fusion and Workstation users can go ahead and patch. A security ...
Network World

VMware’s hypervisor is free, but enterprises will still pay

VMware made a long-anticipated move July 22 when it announced that its ESXi hypervisor would be free. That doesn’t mean VMware customers can avoid pricey fees for support and management tools, though.

VMware ESXi zero-days likely exploited a year before disclosure

Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted ...
CSOonline

VMware ESXi hypervisor vulnerability grants full admin privileges

ESXi hypervisors are a ‘favored target for threat actors’ because many security products have limited visibility and protection for them, researchers said. Security researchers at Microsoft have ...
The Hacker News

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Researchers found Chinese-linked attackers abused SonicWall VPN access and VMware ESXi zero-day flaws to escape VMs and gain ...