Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

Updated on September 30, 2025

A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs.
The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), a local privilege escalation bug affecting the following versions –

VMware Cloud Foundation 4.x and 5.x
VMware…

Read the rest of the story at Read More

Source: The Hacker News

November 30, 2023 Uncategorized

This Free Solution Provides Essential Th...

October 8, 2024 Uncategorized

New Case Study: The Evil Twin Checkout P...

January 10, 2025 Uncategorized

Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

Related posts

This Free Solution Provides Essential Th...

New Case Study: The Evil Twin Checkout P...

AI-Driven Ransomware FunkSec Targets 85 ...

Leave a Comment Cancel reply

Recent News

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief

Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL

Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security

New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild