A new attack named VMScape allows malicious virtual machines to leak cryptographic keys from unmodified QEMU hypervisors on modern AMD and Intel CPUs, breaking the isolation between VMs and the cloud hypervisor. The researchers from ETH Zurich demonstrated that this attack could target cloud providers without needing to compromise the host, posing a significant risk to multi-tenant cloud security, although it requires advanced technical skills to execute. AMD and Intel have been notified, and mitigations have been released to address the vulnerability.