Chinese Threat Actor Abused ESXi Zero-Day to Pilfer Files From Guest VMs

Mandiant’s ongoing investigation of UNC3886 has uncovered new details of threat actors’ TTPs.