3 VMware Zero-Day Bugs Allow Sandbox Escape

Broadcom disclosed three critical VMware zero-day vulnerabilities affecting ESXi, Workstation, and Fusion that enable VM escapes and host compromise; CISA added them to its Known Exploited Vulnerabilities catalog and requires patching, with no available workarounds, while reports indicate attackers are already exploiting the flaws and ransomware groups are likely to target affected infrastructure.