A newly published investigation highlights the advanced capabilities of China-linked cybercriminals. These actors were found to possess a purpose-built toolkit for exploiting VMware ESXi hypervisors, and the timeline is the most striking part: the toolkit was developed over a year before the vulnerabilities it targets were disclosed, and it reflects a sophisticated, stealthy approach to intrusion.

Researchers from Huntress have detailed an incident that occurred in December 2025, where a compromised SonicWall VPN appliance served as the entry point for a chain of events leading to a full-blown hypervisor compromise. The attackers, with remarkable precision, commandeered a Domain Admin account and seamlessly pivoted across the network, ultimately deploying a suite of tools designed to escape the confines of a guest VM and target the ESXi hypervisor directly.

The core concern, as Huntress points out, is that VM escape bugs shatter the fundamental promise of virtualization - that a compromised VM remains isolated from the host. In this case, the attackers built exploitation tooling specific to ESXi, allowing them to breach the virtual barrier and execute code on the hypervisor itself. This level of sophistication is a cause for concern, especially given the potential impact on critical infrastructure, where a single hypervisor may host many workloads.

Huntress's analysis of the binaries provides further evidence of the attackers' origins and intentions. Simplified Chinese strings and folders labeled with Chinese text hint at the region, while timestamps within the code indicate development well before VMware's official disclosure of the vulnerabilities in March 2025. These vulnerabilities, tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, were deemed critical and high-severity, capable of being chained to compromise the hypervisor from within a guest VM.

At the time of VMware's disclosure, the company warned of potential exploitation in the wild, and this is precisely what Huntress's findings suggest. While organizations rushed to patch their ESXi hosts, skilled actors were already leveraging these vulnerabilities, unbeknownst to IT teams. This wasn't a simple, opportunistic attack; the attackers disabled VMware's drivers, loaded unsigned kernel modules, and established covert communication channels, all designed to operate under the radar.
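The unsigned-kernel-module tradecraft mentioned above is something defenders can look for on the host itself. The following Python is an added example, not code from Huntress's report or from VMware: it parses the per-module output of `esxcli system module get` and flags any loaded module that is not VMware- or partner-signed, is not owned by a VIB, or was loaded from outside the stock module directory. The sample output and the `example_mod` block are constructed, and the exact signed-status strings and field layout are assumptions about that command's output.

```python
import re

# Constructed sample of `esxcli system module get -m <name>` output for two loaded
# modules (field names follow that command; the unsigned block is invented).
SAMPLE_OUTPUT = """\
   Module: vmw_ahci
   Module File: /usr/lib/vmware/vmkmod/vmw_ahci
   Containing VIB: vmw-ahci
   VIB Acceptance Level: certified
   Signed Status: VMware Signed

   Module: example_mod
   Module File: /tmp/example_mod
   Containing VIB:
   VIB Acceptance Level:
   Signed Status: Unsigned
"""

# Signing states expected on a stock ESXi host (assumed values).
TRUSTED_SIGNERS = {"VMware Signed", "Partner Signed"}
STOCK_MODULE_DIR = "/usr/lib/vmware/vmkmod/"

def parse_module_blocks(text):
    """Split the esxcli output into one {field: value} dict per module."""
    blocks = []
    for chunk in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in chunk.splitlines():
            key, _, value = line.strip().partition(":")
            fields[key.strip()] = value.strip()
        if "Module" in fields:
            blocks.append(fields)
    return blocks

def find_suspect_modules(text):
    """Return [(module, reason)] for unsigned, VIB-less or oddly located modules."""
    suspects = []
    for m in parse_module_blocks(text):
        reasons = []
        if m.get("Signed Status") not in TRUSTED_SIGNERS:
            reasons.append(f"signed status '{m.get('Signed Status', '')}'")
        if not m.get("Containing VIB"):
            reasons.append("not provided by any VIB")
        if not m.get("Module File", "").startswith(STOCK_MODULE_DIR):
            reasons.append(f"loaded from {m.get('Module File')}")
        if reasons:
            suspects.append((m["Module"], "; ".join(reasons)))
    return suspects
```

On a live host, feed it the concatenated output of `esxcli system module get -m` for every name listed by `esxcli system module list`, and treat any hit as a lead for triage rather than proof of compromise.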

The toolkit's versatility is particularly alarming, supporting over 150 builds of ESXi and potentially impacting a vast range of environments. This incident serves as a stark reminder of the evolving threat landscape and the need for constant vigilance. It's not the first time China-linked attackers have been caught exploiting zero-day vulnerabilities in enterprise software, and campaigns like Volt Typhoon demonstrate their ability to infiltrate and remain undetected for extended periods.

