VMware Security & Compliance

We would like to bring your attention to a security bulletin from AMD: AMD-SN-2001: Ionic Driver Vulnerabilities. The bulletin details three vulnerabilities — CVE-2025-62623, CVE-2025-62624, and CVE-2025-62627 — present in the AMD ionic cloud driver for VMware ESX. These issues affect ESX hosts using AMD-Pensando DPU (Data Processing Unit) products. We strongly encourage you to … Continued The post AMD Ionic Driver Vulnerabilities Affecting VMware ESX appeared first on VMware Security Blog.

The Broadcom PSIRT Team (VCF Division) is pleased to announce VMware’s participation in Pwn2Own Berlin 2026, organized by the Zero Day Initiative (ZDI). The competition will run from May 14–16, alongside OffensiveCon in Berlin, Germany. Members of our team will be on-site to validate any VMescape demonstrations on ESX. If you are attending and have … Continued The post VMware at Pwn2Own Berlin 2026 appeared first on VMware Security Blog.

New enhancements include Self-Service Lateral Security with VCF Automation, Unified Lateral Threat Prevention for VMs and VKS Workloads, High-Performance Threat Prevention with IDPS Turbo Mode, and Enhanced Distributed Firewall capabilities. The rapid adoption of production AI workloads is reshaping the enterprise technology landscape, driving the growth of Kubernetes environments alongside existing VM-based infrastructure. As organizations … Continued The post VMware vDefend for VCF 9.1: Zero Trust Lateral Security for the AI Era appeared first on VMware Security Blog.

This article was originally published December 2025 in:     Hugely disruptive ransomware attacks can be thwarted by distributed lateral security embedded at the private cloud level, using macro- and micro-segmentation and integrated threat detection and prevention. Ransomware attacks in 2025 have caused business operations to close for weeks and months resulting in massive financial … Continued The post Breaking the Ransomware Kill Chain: Why Distributed Lateral Security Is No Longer Optional appeared first on VMware Security Blog.

As the digital landscape enters the age of Artificial Intelligence, the traditional methods of securing applications are being fundamentally challenged. The emergence of advanced AI models has shifted the advantage towards attackers. With AI, even a novice attacker is now weaponized into a sophisticated hacker while operating semi-autonomously at very low cost, and unprecedented scale. … Continued The post Virtual Patching: Guarding Against a Tsunami of AI-discovered Exploits with vDefend and Avi appeared first on VMware Security Blog.

In a cloud-native environment, Kubernetes-based containerized orchestration has brought developer agility – but it has also fundamentally changed the security paradigm. Traditional “castle-and-moat” security designs that rely on a perimeter firewall are no longer enough to protect modern workloads. Once an attacker breaches that outer shell, the flat network architecture common in many Kubernetes environments … Continued The post VMware vDefend: Zero Trust Lateral Security for Kubernetes Workloads on VCF appeared first on VMware Security Blog.

In September 2025, the cybercriminal group Storm-1175 exploited a zero-day vulnerability in GoAnywhere Managed File Transfer to deploy Medusa ransomware across multiple organizations. The attack succeeded despite perimeter defenses because no signature existed to detect it, and by the time one did, attackers had already established persistence and were moving freely through victim networks. This … Continued The post Why Perimeter Firewall is Not Enough: Lessons from the GoAnywhere MFT Zero-Day appeared first on VMware Security Blog.

The “Invisible Corridor” Security doesn’t break all at once; it erodes in the shadows. The alert didn’t appear to be a crisis because, to your perimeter, everything looked normal. An authorized user, a permitted port, and a standard protocol—on paper was a valid connection. In reality, it was the “keys to the kingdom” being handed … Continued The post Advancing Zero Trust Private Cloud with vDefend Lateral Security appeared first on VMware Security Blog.

This article was originally published May 2025 in: AI can transform Zero Trust security implementation and management from a complex manual and multi-year task into an highly-automated, rapidly-deployable solution for modern enterprises. As enterprises increasingly move workloads to private cloud for reasons such as performance, compliance and to leverage AI on-premise, security leaders face a … Continued The post Game changer: How AI simplifies implementation of Zero Trust security objectives appeared first on VMware Security Blog.

When deploying Zero Trust to quickly address security gaps and improve segmentation posture in a brownfield or greenfield environment, customers need a prescriptive, multi-stage segmentation workflow designed to progressively secure east-west traffic in the VMware Cloud Foundation (VCF) private cloud. vDefend delivers Distributed Firewall (DFW) 1-2-3-4* — an automated workflow that helps security administrators systematically … Continued The post vDefend DFW 1-2-3-4: Deploy Zero Trust Microsegmentation in a Few Weeks to Rapidly Secure VCF Workloads appeared first on VMware Security Blog.