Signal

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-01-09 11:34 UTCUpdated 2026-01-09 13:28 UTC

rss

vmware_esxi

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (2)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (2 domains)

2 top sources shown

China-linked cybercrims abused VMware ESXi zero-days a year before disclosure

theregister_security · News · go.theregister.com · 2026-01-09 13:28 UTC

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

SecurityWeek · News · securityweek.com · 2026-01-09 11:34 UTC

limited source diversity in top sources

View all evidence

Overview

Huntress analysis suggests VM escape bugs were already weaponized in the wild Chinese-linked cybercriminals were sitting on a working VMware ESXi hypervisor escape kit more than a year before the bugs it relied on were made public.….

Score total

1.01

Momentum 24h

Posts

Origins

Source types

Duplicate ratio

All evidence

China-linked cybercrims abused VMware ESXi zero-days a year before disclosure

theregister_security · go.theregister.com · 2026-01-09 13:28 UTC

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

SecurityWeek · securityweek.com · 2026-01-09 11:34 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 2Origin domains: 2Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 2 / 0

Top publishers (this list)

theregister_security (1)
SecurityWeek (1)

Top origin domains (this list)

go.theregister.com (1)
securityweek.com (1)