CVE-2025-33073 affecting VMware Aria Operations or adjacent VMware infrastructure is cited as an initial-access vector in The Gentlemen ransomware campaign, though upstream vendor confirmation from Broadcom/VMware is pending as of this writing. Post-exploitation activity confirmed in this campaign includes ESXi VM destruction, which makes VMware infrastructure a high-priority protection target regardless of the CVE’s confirmation status.