Chinese hackers exploiting VMware zero-day since October 2024

Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has been exploited in zero-day attacks since October 2024.
SecurityWeek

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability

Broadcom fixed the flaw in fresh releases of VMware Cloud Foundation, vSphere Foundation, Aria Operations, Telco Cloud Platform, and VMware Tools, and noted that fixes for open-vm-tools will be ...
The Escapist

Unity Engine exploit dating from 2017 sparks emergency patches across gaming industry

Unity has disclosed a major security flaw affecting engine versions since 2017, impacting Android, Windows, and Mac games. Developers and players must patch immediately.
Arabian Post on MSN

Broadcom Held Silent on Exploited VMware Zero-Day

CVE-2025-41244—that was already under exploitation by a China-linked hacking group, but failed to disclose that fact in its public advisory.The flaw allows a non-administrative user in a virtual ...