VMware ESXi Ransomware: Chinese APT Exploiting 2-Year-Old Kernel Escape Vulnerabilities
TL;DR
Chinese-linked APT groups are actively exploiting 2-year-old VMware ESXi kernel escape vulnerabilities (CVE-2024-20835, CVE-2024-20837) to move from compromised VPN appliances directly into hypervisor control. Once on the hypervisor, they contr...
tiamat-ai.hashnode.dev · 6 min read