Close Menu
TechBrunchTechBrunch
  • Home
  • AI
  • Apps
  • Crypto
  • Security
  • Startups
  • TechCrunch
  • Venture

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

Unique, a new social media app

June 17, 2025

Mastodon updates its term to ban AI model training

June 17, 2025

As food shortages continue, UNFI says it is recovering from cyberattacks

June 17, 2025
Facebook X (Twitter) Instagram
TechBrunchTechBrunch
  • Home
  • AI

    OpenAI seeks to extend human lifespans with the help of longevity startups

    January 17, 2025

    Farewell to the $200 million woolly mammoth and TikTok

    January 17, 2025

    Nord Security founder launches Nexos.ai to help enterprises move AI projects from pilot to production

    January 17, 2025

    Data proves it remains difficult for startups to raise capital, even though VCs invested $75 billion in the fourth quarter

    January 16, 2025

    Apple suspends AI notification summaries for news after generating false alerts

    January 16, 2025
  • Apps

    Mastodon updates its term to ban AI model training

    June 17, 2025

    Amazon will be holding Prime Day 2025 from July 8th to 11th

    June 17, 2025

    Adobe Fireflies come to iOS and Android

    June 17, 2025

    You can now set double dates with friends on Tinder

    June 17, 2025

    Instagram tests the repost feature

    June 16, 2025
  • Crypto

    Unique, a new social media app

    June 17, 2025

    xNotify Polymarket as partner in the official forecast market

    June 6, 2025

    Circle IPOs are giving hope to more startups waiting to be published to more startups

    June 5, 2025

    GameStop bought $500 million in Bitcoin

    May 28, 2025

    Vote for the session you want to watch in 2025

    May 26, 2025
  • Security

    As food shortages continue, UNFI says it is recovering from cyberattacks

    June 17, 2025

    UK Watchdog will fine 23andMe over 2023 data breach

    June 17, 2025

    Google to expand AI-powered fraud detection and security operations in India

    June 17, 2025

    As food shortages continue, UNFI says it is recovering from cyberattacks

    June 16, 2025

    Car Sharing Giant Zoom Car says hackers have accessed the personal data of 8.4 million users

    June 16, 2025
  • Startups

    7 days left: Founders and VCs save over $300 on all stage passes

    March 24, 2025

    AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

    March 24, 2025

    20 Hottest Open Source Startups of 2024

    March 22, 2025

    Andrill may build a weapons factory in the UK

    March 21, 2025

    Startup Weekly: Wiz bets paid off at M&A Rich Week

    March 21, 2025
  • TechCrunch

    OpenSea takes a long-term view with a focus on UX despite NFT sales remaining low

    February 8, 2024

    AI will save software companies' growth dreams

    February 8, 2024

    B2B and B2C are not about who buys, but how you sell

    February 5, 2024

    It's time for venture capital to break away from fast fashion

    February 3, 2024

    a16z's Chris Dixon believes it's time to focus on blockchain use cases rather than speculation

    February 2, 2024
  • Venture

    The well-known global VC Endeavor catalyst has raised $300 million, according to sources

    June 17, 2025

    Spotify's Daniel Ek has a big bet on Helsing, a European defence technology darling

    June 17, 2025

    Startup Battlefield 200 application closes midnight

    June 16, 2025

    Investor experience at TC at every stage

    June 16, 2025

    Founder Experience at TechCrunch All Stage: Building for those who build the following

    June 16, 2025
TechBrunchTechBrunch

Broadcom encourages VMware customers to patch “urgent” zero-day bugs under active exploitation

TechBrunchBy TechBrunchMarch 5, 20253 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Telegram Email


US technology giant Broadcom warns that a trio of VMware vulnerabilities have been actively exploited by malicious hackers to compromise the network of corporate customers.

Three vulnerabilities, collectively referred to as “espageape” by one security researcher, affect VMware ESXI, workstations, and fusion. It is a widely used software hypervisor product that allows you to manage multiple virtual machines on a single server. Hypervisors are commonly used to reduce the need to take up space on physical servers.

Broadcom, which acquired VMware in 2023, said the vulnerability (tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) could allow Virtual Machine administrators or attackers with root privileges or attackers with root privileges to escape protected sandboxes.

Access to the hypervisor allows an attacker to access other virtual machines, including virtual systems owned by other companies in the same physical data center.

Broadcom says it has “information to suggest” that the vulnerability is being exploited in the wild.

“The impact here is enormous. Attackers who compromise a hypervisor can compromise other virtual machines that share the same hypervisor,” Stephen, Le Le Telligence Company Rapid7's leading security researcher, told TechCrunch.

Broadcom did not share details about the nature of the attack or the threat actors behind it, nor did it say whether customer data was accessed. A Broadcom spokesman did not respond to TechCrunch questions. Microsoft, which discovered and reported a Broadcom vulnerability, also did not respond to the reporting time.

Security researcher Kevin Beaumont said in a Mastodon post that the three vulnerabilities are being actively exploited by yet-known ransomware groups.

VMware's vulnerabilities are frequently targeted by ransomware groups, due to their ability to be exploited to compromise multiple servers during a single attack, considering that enterprise data that is often stored in these virtualized environment-sensitive.

In 2024, Microsoft discovered that several ransomware groups were leveraging the VMware hypervisor flaw in attacks that deploy Black Basta and Lockbit ransomware in data steal campaigns targeting corporate data. The previous year, a massive hacking campaign called “Esxiargs” was leveraging a vulnerability in VMware from two years ago, targeting thousands of organizations around the world.

Broadcom has released patches for three vulnerabilities: This is classified as a “zero-day” bug because it was exploited before the fix became available. Broadcom describes its security advisory as an “urgent” change, urging customers to apply patches as soon as possible.

Additionally, CISA, a US government cybersecurity agency, has warned federal agencies to patch bugs. This has been added to the execution catalog for vulnerabilities known to be under attack.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

As food shortages continue, UNFI says it is recovering from cyberattacks

June 17, 2025

UK Watchdog will fine 23andMe over 2023 data breach

June 17, 2025

Google to expand AI-powered fraud detection and security operations in India

June 17, 2025

As food shortages continue, UNFI says it is recovering from cyberattacks

June 16, 2025

Car Sharing Giant Zoom Car says hackers have accessed the personal data of 8.4 million users

June 16, 2025

How to delete 23andMe data

June 14, 2025

Leave A Reply Cancel Reply

Top Reviews
Editors Picks

7 days left: Founders and VCs save over $300 on all stage passes

March 24, 2025

AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

March 24, 2025

20 Hottest Open Source Startups of 2024

March 22, 2025

Andrill may build a weapons factory in the UK

March 21, 2025
About Us
About Us

Welcome to Tech Brunch, your go-to destination for cutting-edge insights, news, and analysis in the fields of Artificial Intelligence (AI), Cryptocurrency, Technology, and Startups. At Tech Brunch, we are passionate about exploring the latest trends, innovations, and developments shaping the future of these dynamic industries.

Our Picks

Unique, a new social media app

June 17, 2025

Mastodon updates its term to ban AI model training

June 17, 2025

As food shortages continue, UNFI says it is recovering from cyberattacks

June 17, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

© 2025 TechBrunch. Designed by TechBrunch.
  • Home
  • About Tech Brunch
  • Advertise with Tech Brunch
  • Contact us
  • DMCA Notice
  • Privacy Policy
  • Terms of Use

Type above and press Enter to search. Press Esc to cancel.