Researchers found an announcement on an underground forum for LockBit Linux-ESXi Locker version 1.0 in October.
An unknown threat group is exploiting the Log4j vulnerability in VMware Horizon servers to install webshells for further malicious activity.
There is active exploitation of the vCenter Server bug disclosed last week, along with mass scanning activity looking for vulnerable servers.
VMware has released a fix for a critical file-upload vulnerability, along with nearly 20 other bugs in vCenter Server.
VMware has released a patch for a critical authentication bypass flaw in its Carbon Black App Control product.