Researchers claim that a GitHub proof-of-concept exploit of previously disclosed VMware vulnerability is being deployed in the field by hackers.
Hackers are exploiting recently discovered VMware weaknesses in order to transmit Mirai denial-of-service malware and exploit the Log4Shell vulnerability. Barracuda security researchers uncovered attempts to attack the recent vulnerabilities CVE-2022-22954 and CVE-2022-22960, both of which were announced last month.
According to Barracuda, “Barracuda researchers reviewed the attacks and payloads detected by Barracuda systems between April and May and discovered a consistent stream of attempts to exploit two recently discovered VMware vulnerabilities: CVE-2022-22954 and CVE-2022-22960.”
Read More: https://threatpost.com/vmware-bugs-abused-mirai-log4shell/179652/