Search

CISA Warns of Chinese BrickStorm Malware Targeting VMware Servers

Cyber threats and incidents
By Monique Angeli Mendoza
CISA Warns of Chinese BrickStorm Malware Targeting VMware Servers

Related

Cyber threats and incidents

Axios Vulnerability Could Enable Prototype Pollution in JavaScript Projects

What happened A security vulnerability in the widely used Axios...
Read more
Cyber threats and incidents

Windows Error Reporting Service Vulnerability Lets Local Users Escalate Privileges

What happened A security vulnerability in the Windows Error Reporting...
Read more
Cyber threats and incidents

VoidLink Linux C2 Highlights Use of LLM-Generated Malware Components

What happened Security researchers have identified a Linux-focused command-and-control (C2)...
Read more
Cyber threats and incidents

React2Shell Vulnerability Abused to Deliver AI-Generated Malware

What happened A critical vulnerability in the React2Shell extension for...
Read more
Cyber threats and incidents

Conduent Data Breach Balloons, Affecting Millions More Americans

What happened A ransomware attack on government technology contractor Conduent...
Read more

Share

What happened

CISA reported that Chinese state-linked hackers are deploying new BrickStorm malware to compromise unpatched VMware servers and maintain persistent access.

Who is affected

Organizations running exposed or outdated VMware systems that support critical workloads.

Why CISOs should care

BrickStorm allows long-term access inside virtualized environments, which raises the risk of data theft, lateral movement, and operational disruption.

3 practical actions

  1. Patch vulnerable VMware servers and secure any exposed management interfaces.

  2. Hunt for indicators of compromise tied to BrickStorm and watch for unusual activity in virtual machine environments.

  3. Segment networks to limit access to critical systems if attackers gain entry.

Previous article
Russia Blocks FaceTime and Snapchat After Alleged Use in Attacks
Next article
Imper AI launches with 28 million dollars to fight deepfake impersonation attacks
Cyber threats and incidents

Axios Vulnerability Could Enable Prototype Pollution in JavaScript Projects

What happened A security vulnerability in the widely used Axios...
Cyber threats and incidents

Windows Error Reporting Service Vulnerability Lets Local Users Escalate Privileges

What happened A security vulnerability in the Windows Error Reporting...

Subscribe to our stories

To be updated with all the latest news, offers and special announcements.