Hackers exploit VMware vulnerability that gives them hypervisor admin

Microsoft has discovered a vulnerability in VMware’s ESXi hypervisor software that allows attackers to gain full administrative control. Ransomware groups, including Storm-0506, Storm-1175, Octo Tempest, and Manatee Tempest, have been exploiting the flaw for months to access hosted virtual machines, encrypt files, or bring down servers. Microsoft advises immediate patching of the vulnerability, which was rated 6.8 out of 10 in severity by VMware.