Chinese hackers exploiting VMware zero-day since October 2024

Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has been exploited in zero-day attacks since October 2024.
The Hacker News

Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a ...

Broadcom fixes high-severity VMware NSX bugs reported by NSA

Broadcom has released security updates to patch two high-severity VMware NSX vulnerabilities reported by the U.S. National ...
Infosecurity Magazine

Broadcom Issues Patches for VMware NSX and vCenter Security Flaws

One of the most severe issues, tracked as CVE-2025-41250, is an SMTP header injection bug in vCenter. With a CVSSv3 base ...