How to scare away your customers, exhibit 4821: #Broadcom #VMware:

"VMware distributor Arrow says minimum software subs set to jump from 16 to 72 cores.
Claims Broadcom will levy 20 percent #penalty for customers who don’t pay before renewal deadlines"

https://www.theregister.com/2025/03/28/arrow_vmware_licensing_change/

I don't know you, but if I were a customer for that product, I'd most probably start migration projects today.

#ProxLB - an opensource & advanced VM loadbalancer for #Proxmox clusters. Including affinity & anti-affinity rules, maintenance mode (evacuating nodes) and more. I just published my slides about it.

Project: https://github.com/gyptazy/ProxLB
Slides: https://cdn.gyptazy.com/files/talks/ProxLB-Intelligent-Workload-Balancing-for-Proxmox-Clusters.pdf

Them: we have until mid-April to renegotiate #VMware licensing fees with #Broadcom. We expect the cost to badly hurt.

Me: try calling #Vates. It seems they currently migrate plenty biz to #XCP_ng. They may have efficient migration tools now.

Them: we have to negotiate the licensing fees with Broadcom! This may hurt badly.

Me: ok

Seriously, Broadcom... what's the deal lately?

First up, we've got CVE-2025-22230 hitting VMware Tools for Windows. This nasty bug basically lets standard users inside a VM escalate their privileges to admin level. Yikes! With a CVSS score of 7.8, you'll want to jump on this fix ASAP. It impacts versions 11.x.x and 12.x.x, so upgrading to 12.5.1 needs to be right at the top of your list!

But wait, there's more. CrushFTP is also sounding the alarm about unauthenticated access vulnerabilities lurking on HTTP(S) ports in versions 10 and 11. It's definitely time to double-check those DMZ configurations. Rapid7 has confirmed that exploits are out there, allowing unauthorized access. Pretty intense, right?

Stuff like this is a stark reminder: while automated scans have their place, they just don't cut it alone. Real-deal penetration testing is absolutely essential. Those manual checks are what uncover the sneaky issues that automated tools often breeze right past.

What's your take on this recent wave? How are you keeping your own environments locked down tight? Let's talk

No April Fools' joke - the new #ProxLB release is scheduled for the 1st of April! Stay tuned!

ProxLB is an advanced #loadbalancer for #Proxmox clusters that brings in features like #DRS (known from #VMware), #maintenance mode and (anti-)#affinity groups.

What do you miss in #Proxmox or #XCPng?

My customers often told me, that when migrating from #VMware based setups, they would miss something like #DRS. As a result I published #ProxLB as a load balancer. Now, I do the same for #DPM and also some other things. What do you miss or what stops you or your business from switching to Proxmox or XCPng?

https://xcware.com is revolutionizing the cloud with Sky Computing! Unify AWS, Azure & on-prem into a seamless platform. Say goodbye to vendor lock-in & hello to flexibility.

In der #Schweiz sind etwas mehr als 130 Instanzen betroffen (Stand: gestern)

Attacken auf #VMware #ESXi: Immer noch zehntausende Server verwundbar | Security https://www.heise.de/news/Attacken-auf-VMware-ESXi-Immer-noch-zehntausende-Server-verwundbar-10307632.html #Patchday #VMwareESXi

Latest issue of my curated #cybersecurity and #infosec list of resources for week #10/2025 is out!

It includes the following and much more:

➝ #CYBERCOM and #CISA Told to Stop Tracking #Russia Actors;
➝ Alleged Black Basta #Ransomware Leader Escapes from Court;
➝ #VMWare 0day Vulnerabilities Being Exploited - Patch Now;
➝ Gang Claims Responsibility on Tata Technologies Breach;
➝ The Great Firewall of #China is Bleeding;

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end

https://infosec-mashup.santolaria.net/p/template-infosec-mashup-xx-2025-b3ff0d41bdc019b3

I get more & more mails from people who are happily using my #ProxLB (a loadbalancer for Proxmox) - feel free to leave me a note (if you like, even with some more details). This way, I can better understand the needs of the user base.

#proxmox #proxmoxve #lab #homelab #virtualization #vm #vps #vmware #alternatives #loadbalancer #lb #resourcescheduler #drs #opensource #community

https://github.com/gyptazy/ProxLB

Virtualization & Proxmox were trending topics in this year and the opportunity of #opensource projects to rise! With #ProxLB you can get features like #DRS (known from #VMware) into #Proxmox, but also several other features that are still missing in Proxmox. Open-Source products provide us the possibility to extend it to our needs.

Project: https://github.com/gyptazy/ProxLB

Broadcom is scaling back their ingenious #VMware plan to *only* service their top 2000 customers and instead they're saying that now they're going to service only their top 500 customers.

I'm a longtime VMware user and customer (ESXi and Workstation) and I feel utterly shafted.

Leaving hundreds of thousands of small customers who *want to continue using and buying your product* twisting in the wind because...why?

I haven't even been able to access the licenses and products I had previously paid for since the acquisition, let alone buy anything. I feel like I was robbed blind. What the hell is this?

Welp, time to switch everything over to #Proxmox.

https://www.theregister.com/2024/12/05/vmware_user_migration_plans/

Company claims 1,000 percent price hike drove it from VMware to open source rival

"Beeks Group, a cloud operator headquartered in the United Kingdom, has moved most of its 20,000-plus virtual machines (VMs) off VMware and to OpenNebula, an open source cloud and edge computing platform. Beeks Group sells virtual private servers and bare metal servers to financial service providers"

https://arstechnica.com/information-technology/2024/12/company-claims-1000-percent-price-hike-drove-it-from-vmware-to-open-source-rival/

Broadcom: Hey, guess what, we made VMware Fusion free. Enjoy, everyone!

Also Broadcom: …

#VMware Workstation Shifting From Proprietary Code To Using Upstream #KVM
This isn't an off-schedule April Fools' Joke or anything like that but an exciting sign of the times: VMware Workstation will be shifting off its proprietary base and onto leveraging the upstream #Linux Kernel-based #VirtualMachine (KVM) for #virtualization needs moving forward.
https://www.phoronix.com/news/VMware-Workstation-KVM

#HPE lets loose #VMEssentials to run on third-party platforms
#GreenLake update dangles juicy carrot for VMware refugees
While HPE #virtualization was announced as an embedded technology within its #privatecloud platforms, HPE VM Essentials will also be available as a standalone version that can run atop third-party infrastructure as well as the company's own gear, indicating a potential appeal to disgruntled #VMware customers.
https://www.theregister.com/2024/11/20/hpe_vm_essentials_greenlake/

Broadcom no longer license vmware workstation, it has become free.

However, to download it you need to register an account that is impossible.

But

Their website security is questionable.... so here is a download link *lol*

https://softwareupdate.vmware.com/cds/vmw-desktop/ws/