MAESTRO Toolkit Exploiting VMware VM Escape Vulnerabilities

Cybersecurity researchers from Huntress detail a major VM Escape attack where hackers took over host servers. Using a secret toolkit called MAESTRO, the attackers stayed hidden for over a year. Read the exclusive details on how this breach was stopped and how to protect your network.

In December 2025, a security team caught a group of hackers just in time. Researchers Anna Pham and Matt Anderson from the firm Huntress recently detailed how these attackers managed to “escape” from a virtual machine to take over an entire host server. This research, shared with Hackread.com, reveals a toolkit that likely operated in secret for years.

As we know it, virtual machines (VMs) are like isolated digital rooms. If one gets a virus, the rest of the building should stay safe. However, these attackers used a VM Escape to break those walls. This allowed them to move from a guest computer ...