Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Conversation

Notices

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 06-Mar-2025 18:45:32 JST Kevin Beaumont

In case you missed it - update VMware ESX
There's an in the wild exploit chain being used which does VM -> Hypervisor escape, across all versions of ESXi. Allows full cluster access (not just VMs on that host)
Impacts ESX 5.5 (no patch), 6.5, 6.7, 7, 8 - ie every version released over the past 15 years
https://doublepulsar.com/use-one-virtual-machine-to-own-them-all-active-exploitation-of-esxicape-0091ccc5bdfc
#threatintel
In conversation about 3 days ago from cyberplace.social permalink
Attachments
1. Domain not in remote thumbnail source whitelist: miro.medium.com
  
  Use one Virtual Machine to own them all — active exploitation of ESXicape
  
  from https://medium.com/@networksecurity
  
  A chain of three zero days allow threat actors to escape a Virtual Machine.
- Embed this notice
  Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 06-Mar-2025 23:27:37 JST Kevin Beaumont
  in reply to
  - Wary Jerry
  @jerry yeah. There’s going to be a bunch of SMBs caught in the middle of Managed Hosting companies not patching as soon as somebody reverses the patches and releases an exploit on GitHub.
  
  In conversation about 2 days ago permalink
- Embed this notice
  Wary Jerry (jerry@infosec.exchange)'s status on Thursday, 06-Mar-2025 23:27:38 JST Wary Jerry
  in reply to
  
  @GossiTheDog this is the sort of vulnerability I really feared when I was responsible for securing a public cloud
  
  In conversation about 2 days ago permalink

Public

Conversation

Notices

Feeds