Mass scanning activity targeting VMware servers with the remote code execution security bug after a Chinese researcher released proof of concept (POC) code.
Threat actors exploited Log4Shell vulnerability on unpatched VMware servers to gain access, move laterally, deploy malware, and exfiltrate sensitive information.
Ransomware attack campaign targeted an old (and previously patched) vulnerability in VMware servers, and that it has grown to become the largest attack of its type, compromising at least 3,200 VMware servers.