CISA: VMware ESXi flaw now exploited in ransomware attacks

CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape ...
Bitdefender

Nitrogen ransomware ESXi bug makes decryption impossible even after payment

Nitrogen ransomware’s ESXi encryptor corrupts its own public key, making file recovery impossible, even if victims pay.
Que.com on MSN

Notepad++ hack, Office and ESXi zero-days fuel ransomware surge

A fresh wave of ransomware activity is being fueled by an uncomfortable mix of software supply-chain risk, rapidly weaponized zero-day ...

Nitrogen ransomware is so broken even the crooks can't unlock your files

Gang walks away with nothing, victims are left with irreparable hypervisors Cybersecurity experts usually advise victims ...
SDxCentral

CrowdStrike finds new ransomware-as-a-service group targeting VMware ESXi servers (5 tips to fight back)

CrowStrike discovered a new ransomware-as-a-service (RaaS) group — MichaelKors (formerly Qilin) — targeting VMware ESXi servers since last month. The VMware ESXi is a hypervisor that runs and manages ...

Now there's a ransomware that can't give your files back even if you pay

A true lose/lose situation.
Bleeping Computer

Scattered Spider is running a VMware ESXi hacking spree

Scattered Spider hackers have been aggressively targeting virtualized environments by attacking VMware ESXi hypervisors at U.S. companies in the retail, airline, transportation, and insurance sectors.
Opinion

CISA updated ransomware intel on 59 bugs last year without telling defenders

GreyNoise's Glenn Thorpe counts the cost of missed opportunities On 59 occasions throughout 2025, the US Cybersecurity and Infrastructure Security Agency (CISA) silently tweaked vulnerability notices ...