This was pretty big news over the CS world, was surprised it did not get a mention here. (If it did, sorry I missed it)
Oracle has disclosed multiple critical vulnerabilities in its Oracle VM VirtualBox virtualization software, potentially allowing attackers to achieve complete control over the VirtualBox environment.
These flaws, detailed in the October 2025 Critical Patch Update (CPU), affect the Core component of VirtualBox versions 7.1.12 and 7.2.2, enabling high-privileged local attackers to compromise confidentiality, integrity, and availability with devastating consequences.
The disclosure highlights the ongoing risks in virtualization platforms, where even local access can lead to broader system impacts due to scope changes.
Experts warn that these vulnerabilities could facilitate full takeover scenarios, making immediate patching essential for users relying on VirtualBox for development, testing, and secure isolation.
(On the other side I know UTM is not supported as yet but it does have some interesting perks.
Open source, full sandboxing, easy readonly switching etc. etc.. It can also run on phones and ipads etc.. But yeah I know Apple 