Iranian threat actor Rocket Kitten has been distributing the Core Impact penetration testing tool by exploiting a remote code execution flaw in VMware Workspace ONE Access and Identity Manager, which was already addressed by VMware early this month, The Hacker News reports.