<img height="1" width="1" style="display: none" alt="" src="https://px.ads.linkedin.com/collect/?pid=1098858&amp;fmt=gif">

Chinese Hackers Exploit VMware Flaws to Break Into Isolated Networks

Chinese cyberespionage group Fire Ant exploited VMware and F5 vulnerabilities to breach isolated networks, showing persistence and advanced tactics, according to Sygnia.
Content Team
By Content Team
Last updated:

A Chinese cyberespionage group called Fire Ant has been targeting VMware and F5 vulnerabilities to breach supposedly secure, isolated networks. The hackers exploited critical flaws like CVE-2023-34048 in vCenter Server and CVE-2023-20867 in ESXi to gain complete control over virtualization infrastructure. They then used compromised systems as stepping stones to access guest virtual machines and tunnel between network segments that should've been separated.

Cybersecurity firm Sygnia found the group shows remarkable persistence, quickly adapting when defenders try to kick them out by deploying backup backdoors and changing tactics. The attack methods strongly resemble those used by another Chinese group, UNC3886.

Source: SecurityWeek
Share this article
Share on facebook Share on linkedin Share on twitter Share on email
blog_book_a_demo_cta_3x
Have questions about protecting your software?
Our escrow experts are standing by to help.
Book a free demo
YOU MAY ALSO LIKE
Cyberattacks
Pro-Ukraine Hackers Disrupt Aeroflot, Canceling Dozens of Flights
Jul 30, 2025
Ransomware
SafePay Ransomware Shuts Down Global Tech Giant Ingram Micro
Jul 31, 2025
Vulnerabilities
CISA Warns of Critical Security Flaws in Major Industrial and Medical Devices
Jul 30, 2025
Data breaches
Hackers Use 250+ Fake Korean Apps to Steal Data and Blackmail Victims
Jul 31, 2025