"Novel Malware Ecosystem" Threatens VMware ESXi Hypervisors
According to Google's Mandiant threat intelligence division, threat actors are deploying new post-compromise implants in VMware's virtualization software to gain control over the infected systems. The attacks allow hackers to maintain stable access to the hypervisor and remotely execute malicious commands. Researchers emphasize that the flaw is not an external remote code execution vulnerability since the attacks need admin-level privileges to the ESXi hypervisor to deploy malware. Read more...