When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Areportfrom Mandiant claims the group used the flaw to deploymalware, steal credentials, and ultimately exfiltrate sensitive data.
The flaw in question is tracked as CVE-2023-34048.
The patch was released in late October 2023.
The next step was to install VIRTUALPITA and VIRTUALPIE malware, which granted direct access to the compromised endpoints.
VMware urges vCenter Server users to apply the latest patch immediately.
Furthermore, they discovered a unique malware/dropper dubbed VirtualGate.
ViaTheHackerNews
