India, Dec. 5 -- CrowdStrike has revealed a series of sophisticated intrusions throughout 2025 linked to a newly identified China-nexus adversary, WARP PANDA, which has been actively compromising VMware vCenter environments across U.S.-based legal, technology, and manufacturing entities. The threat actor has deployed a complex malware stack, including BRICKSTORM, Junction, and GuestConduit, designed specifically to infiltrate vCenter and ESXi environments while maintaining long-term, covert access.

CrowdStrike's analysis shows that WARP PANDA demonstrates advanced operational security, deep knowledge of cloud and virtualised environments, and a strategic focus on intelligence collection aligned with the interests of the People's Republic...