Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024.
\nCybersecurity firm Huntress, which observed the activity in December 2025 and stopped it before it could progress to the final stage, said it may have resulted in a ransomware<\/p>","protected":false},"excerpt":{"rendered":"
Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as…<\/p>\n","protected":false},"author":1,"featured_media":2946,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"saved_in_kubio":false,"footnotes":""},"class_list":["post-2945","page","type-page","status-publish","has-post-thumbnail","hentry"],"kubio_ai_page_context":{"short_desc":"","purpose":"general"},"_links":{"self":[{"href":"https:\/\/infosec-daily.com\/index.php?rest_route=\/wp\/v2\/pages\/2945","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec-daily.com\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/infosec-daily.com\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/infosec-daily.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec-daily.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2945"}],"version-history":[{"count":0,"href":"https:\/\/infosec-daily.com\/index.php?rest_route=\/wp\/v2\/pages\/2945\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/infosec-daily.com\/index.php?rest_route=\/wp\/v2\/media\/2946"}],"wp:attachment":[{"href":"https:\/\/infosec-daily.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2945"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}