Chinese-speaking threat actors are suspected to have leveraged
a compromised SonicWall VPN appliance as an initial access vector
to deploy a VMware ESXi exploit that may have been developed as far
back as February 2024. Cybersecurity firm Huntress, which observed
the activity in December 2025 and stopped it before it could
progress to the final stage, said it may have resulted in a
ransomware
Read more https://thehackernews.com/2026/01/chinese-linked-hackers-exploit-vmware.html
