9th January 2026 Cyber Update: Chinese-Linked Hackers Exploit VMware Zero-Days to Escape Virtual Machines

A sophisticated Chinese-speaking threat actor has been caught exploiting a trio of VMware ESXi zero-day vulnerabilities, allowing them to escape virtual machines and gain full control of the underlying hypervisor.


Cyber News Centre's cyber update for 9th January 2026: A highly sophisticated, likely state-sponsored threat actor has been discovered exploiting a chain of VMware ESXi zero-day vulnerabilities to achieve a full virtual machine escape, a nightmare scenario for any organisation relying on virtualisation for security and segmentation.

VMware, a subsidiary of Broadcom, is a global leader in cloud computing and virtualisation software and services. Its ESXi hypervisor is a bare-metal hypervisor that is widely used in enterprise data centers for managing and partitioning server hardware.

The Update and Why It Matters

Update: Cybersecurity firm Huntress has uncovered a sophisticated attack campaign targeting VMware ESXi, leveraging a trio of vulnerabilities (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) to escape from a guest virtual machine and seize control of the underlying hypervisor. The attack, observed in December 2025, began with initial access through a compromised SonicWall VPN.

The threat actor, assessed to be a well-resourced Chinese-speaking group, then moved laterally to a domain controller and deployed a custom toolkit. This toolkit, which includes components named "MAESTRO" and "VSOCKpuppet," was likely developed as far back as February 2024, more than a year before VMware disclosed and patched the zero-day flaws in March 2025.

The exploit chain is complex, involving the disabling of VMware's own communication drivers, loading a malicious unsigned kernel driver, and using a combination of memory leak and arbitrary write vulnerabilities to break out of the VMX sandbox and establish a persistent backdoor on the ESXi host. This backdoor communicates over Virtual Sockets (VSOCK), a guest-to-host channel that never touches the physical network, so conventional network monitoring and firewalls do not see the traffic, making detection extremely difficult.

Why it Matters: This incident is a stark reminder that virtualisation does not equal isolation. The ability for an attacker to "escape" a virtual machine and compromise the hypervisor effectively dismantles the security architecture of a modern data center, exposing every other virtual machine on that host to compromise.

The attack demonstrates a level of sophistication and long-term planning characteristic of nation-state actors, who possess the resources to discover and weaponise zero-day vulnerabilities long before they are known to the public. The initial access vector—a compromised VPN—also highlights that even the most advanced attacks often begin by exploiting basic security hygiene failures.

With over 30,000 ESXi instances still exposed to the internet and potentially vulnerable, this campaign represents a significant and ongoing threat to enterprise and government networks, reinforcing the critical need for aggressive patching, network segmentation, and hypervisor-level security monitoring.
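The article closes by calling for hypervisor-level security monitoring. One concrete, defender-side control of that kind is periodically inventorying the packages (VIBs) installed on each ESXi host and flagging anything that is unsigned, from an unexpected vendor, or installed outside an approved change window. The script below is an added example written for this update; it is not code from VMware, Broadcom, Huntress or Cyber News Centre, and the article does not say how this actor's host backdoor was persisted. It assumes the input is the table that the real ESXi command `esxcli software vib list` prints (a header line, a dash line fixing the column widths, then one row per VIB); the sample rows, vendor names, dates, vendor allow-list and baseline date are constructed for the example and stand in for a site's own policy.

```python
"""Triage an ESXi host's VIB inventory for unsigned or unexpected packages.

Added example, not VMware/Broadcom/Huntress code. Assumptions: input is the
text printed by `esxcli software vib list` (real command; column layout
assumed as header / dash ruler / rows); vendor allow-list, trust ordering
and baseline date are a hypothetical defender's policy, not VMware guidance.
"""
import re
from dataclasses import dataclass
from datetime import date

# Constructed sample in the layout of `esxcli software vib list`; the package
# names, versions, vendors and dates are invented for this example.
SAMPLE_VIB_LIST = """\
Name                Version                       Vendor  Acceptance Level    Install Date
------------------  ----------------------------  ------  ------------------  ------------
esx-base            8.0.3-0.0.00000000            VMW     VMwareCertified     2025-03-20
vmkusb              0.1-1vmw.803.0.0.00000000     VMW     VMwareCertified     2025-03-20
nic-helper          1.2.0-1OEM.800.1.0.0000000    ACME    PartnerSupported    2025-06-11
vmx-maintenance     0.1-0                         NONE    CommunitySupported  2025-12-02
"""

# ESXi acceptance levels, most to least trusted. CommunitySupported VIBs carry
# no VMware or partner signature, which is why they rank lowest here.
ACCEPTANCE_RANK = {
    "VMwareCertified": 0,
    "VMwareAccepted": 1,
    "PartnerSupported": 2,
    "CommunitySupported": 3,
}

# Hypothetical site policy: vendors expected on this host, and the end of the
# last approved change window (anything installed later deserves a look).
APPROVED_VENDORS = {"VMW", "ACME"}
BASELINE_DATE = date(2025, 6, 30)


@dataclass(frozen=True)
class Vib:
    name: str
    version: str
    vendor: str
    acceptance: str
    installed: date


@dataclass(frozen=True)
class Finding:
    vib: str
    severity: str  # "high" or "medium"
    reason: str


def parse_vib_list(text: str) -> list[Vib]:
    """Parse esxcli table output, using the dash ruler to locate each column."""
    lines = [ln.rstrip("\n") for ln in text.splitlines() if ln.strip()]
    header, ruler, rows = lines[0], lines[1], lines[2:]
    # Column i spans from the start of its dash run to the start of the next.
    starts = [m.start() for m in re.finditer(r"-+", ruler)]
    bounds = list(zip(starts, starts[1:] + [None]))
    cols = [header[a:b].strip() for a, b in bounds]
    vibs = []
    for row in rows:
        fields = dict(zip(cols, (row[a:b].strip() for a, b in bounds)))
        vibs.append(Vib(
            name=fields["Name"],
            version=fields["Version"],
            vendor=fields["Vendor"],
            acceptance=fields["Acceptance Level"],
            installed=date.fromisoformat(fields["Install Date"]),
        ))
    return vibs


def triage(vibs: list[Vib],
           approved_vendors=APPROVED_VENDORS,
           baseline: date = BASELINE_DATE) -> list[Finding]:
    """Apply the three policy checks to every VIB and return the findings."""
    findings = []
    for v in vibs:
        # Unknown level strings rank below everything the host is expected to carry.
        rank = ACCEPTANCE_RANK.get(v.acceptance, 99)
        if rank >= ACCEPTANCE_RANK["CommunitySupported"]:
            findings.append(Finding(
                v.name, "high",
                f"acceptance level {v.acceptance!r} is not VMware- or partner-signed"))
        if v.vendor not in approved_vendors:
            findings.append(Finding(
                v.name, "high", f"vendor {v.vendor!r} is not on the approved list"))
        if v.installed > baseline:
            findings.append(Finding(
                v.name, "medium",
                f"installed {v.installed} after the last approved change window"))
    return findings


if __name__ == "__main__":
    for f in triage(parse_vib_list(SAMPLE_VIB_LIST)):
        print(f"[{f.severity}] {f.vib}: {f.reason}")
```

On the constructed sample only `vmx-maintenance` is reported (three findings: unsigned acceptance level, unknown vendor, installed after the baseline); the two VMware packages and the partner-signed NIC driver pass. In practice the inventory would be collected from each host over SSH or the vSphere API, the vendor list and baseline date would come from the change-management record, and any finding would be cross-checked against the host's acceptance-level setting and the patch state the article urges organisations to maintain.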
