Sign inCreate account
noc.social is part of the decentralized social network powered by Mastodon.
This instance is focused on technology, networking, linux, privacy, security, infosec, engineering, but open to anyone. Civil discourse, polite and open. Managed by the noc.org / trunc.org team.

Administered by:

Server stats:

679
active users
Learn more

noc.social: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.1.24

*
Kevin Beaumont

3 different VMware zero days, under active exploitation by ransomware group

CVE-2025-22224, CVE-2025-22225, CVE-2025-22226

VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion
VMware Cloud Foundation
VMware Telco Cloud Platform

(Exploitation actually ESXi)

support.broadcom.com/web/ecx/s

#threatintel

Support Content Notification - Support Portal - Broadcom support portalSupport Portal
*
Kevin Beaumont

Unclear if related to this post from a few weeks ago.

Kevin Beaumont

You may want to escalate patching this as it allows virtual machine to hypervisor escape - e.g. from some dumb VM to the whole VMware private cloud estate.

mike805

@GossiTheDog KVM-QEMU. Have been using it for years. It works. Enough of VMware already.

Mar 09, 2025, 21:09 · · Web · 0 · 0
ExploreLocalFederated
About

Trending now

#throwbackthursday5 people in the past 2 days
#csu30 people in the past 2 days
#neuroscience9 people in the past 2 days