Tag

Virtualization

2 briefs RSS

BRICKSTORM Malware Targeting VMware vSphere Environments

The BRICKSTORM malware targets VMware vSphere environments, specifically vCenter Server Appliance (VCSA) and ESXi hypervisors, by exploiting weak security configurations to establish persistence at the virtualization layer, leading to administrative control and potential data exfiltration.

BRICKSTORM vsphere virtualization persistence lateral-movement

2r 2t Apr 2, 2026

critical threat

QEMU Hypervisor Escape via virtio-snd 0-Day

2 rules 2 TTPs

An unpatched vulnerability in QEMU's virtio-snd component allows for a hypervisor escape due to an uncontrolled heap overflow.

virtualization hypervisor qemu virtio-snd heap overflow hypervisor escape

2r 2t Mar 19, 2026