Pwn2Own Berlin 2025: Windows 11, VMware, Firefox and Others Hacked
The beginning of Pwn2Own Berlin 2025, hosted at the OffensiveCon conference, has concluded its first two days with…
VMware ESXi
VMware fixed three actively exploited zero-days in ESX products
Broadcom has addressed three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. Broadcom released security updates to address three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. The flaws, respectively tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, impact multiple VMware ESX products, including VMware ESXi, vSphere, […]
Now Abyss Locker also targets VMware ESXi servers
A Linux variant of the Abyss Locker designed to target VMware ESXi servers appeared in the threat landscape, experts warn. The operators behind the Abyss Locker developed a Linux variant that targets VMware ESXi servers expanding their potential targets. VMware ESXi servers are privileged targets of ransomware groups and are often part of enterprises’ infrastructures. […]
The post Now Abyss Locker also targets VMware ESXi servers appeared first on Security Affairs.
China-linked APT UNC3886 used VMware ESXi Zero-Day
A China-linked APT group tracked as UNC3886 has been spotted exploiting a VMware ESXi zero-day vulnerability. Mandiant researchers observed a China-linked cyberespionage group, tracked as UNC3886, exploiting a VMware ESXi zero-day vulnerability tracked as CVE-2023-20867. “VMware Tools contains an Authentication Bypass vulnerability in the vgauth module.” reads the advisory published by VMware. “A fully compromised […]
The post China-linked APT UNC3886 used VMware ESXi Zero-Day appeared first on Security Affairs.
US CISA releases a script to recover servers infected with ESXiArgs ransomware
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a script to recover VMware ESXi servers infected with ESXiArgs ransomware. Good news for the victims of the recent wave of ESXiArgs ransomware attacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a script to allow them to recover encrypted VMware ESXi servers. The […]
The post US CISA releases a script to recover servers infected with ESXiArgs ransomware appeared first on Security Affairs.
Massive ransomware operation targets VMware ESXi: How to protect from this security threat
These ransomware infections on VMware ESXi software are due to a vulnerability that has existed since 2021. Find out the most targeted countries and how to secure your organization.
The post Massive ransomware operation targets VMware ESXi: How to prot…
VMware has no evidence of zero-day exploitation in ESXiArgs ransomware attacks
VMware said there is no evidence that threat actors are exploiting a zero-day flaw in its software as part of an ongoing ESXiArgs ransomware campaign. VMware said that it found no evidence that the threat actors behind the ongoing ESXiArgs ransomware attacks are leveraging a zero-day vulnerability in VMware ESXi servers. “VMware has not found evidence […]
The post VMware has no evidence of zero-day exploitation in ESXiArgs ransomware attacks appeared first on Security Affairs.
Royal Ransomware adds support for encrypting Linux, VMware ESXi systems
Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. Other ransomware operators already support Linux encrypting, including AvosLocker, Black Basta, BlackMatter, HelloKitty, Hive, […]
The post Royal Ransomware adds support for encrypting Linux, VMware ESXi systems appeared first on Security Affairs.
Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers
The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers. The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers worldwide, including Italian systems. The attackers are attempting to exploit the CVE-2021–21974 vulnerability. According to the ACN, most of the attacks […]
The post Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers appeared first on Security Affairs.