China-linked snoops have been exploiting Dell 0-day since mid-2024, using 'ghost NICs' to avoid detection

00:05 - 18 Feb 2026

Full scale of infections remains 'unknown'

China-linked attackers exploited a maximum-severity hardcoded-credential bug in Dell RecoverPoint for Virtual Machines as a zero-day since at least mid-2024. It's all part of a long-running effort to backdoor infected machines for long-term access, according to Google's Mandiant incident response team....