BLOG POSTS

Scattered Spider: The Group Behind Major ESXi Ransomware Attacks
A new wave of ransomware actors is rewriting the rulebook, and their sights are set on the foundation of enterprise infrastructure: VMware ESXi. Scattered Spider—also tracked as UNC3944, 0ktapus, and Muddled Libra among others—is one of...

From Retail Floors to Virtual Cores: ESXi Is the Next Attack Vector in Retail
In April 2025, Marks & Spencer—one of Britain’s most successful retailers—was crippled by a ransomware attack that didn’t just encrypt endpoints. It locked down VMware ESXi hypervisors, freezing core systems and bringing operations to...

The Oversight That Could Cost You: Why Basic Hypervisor Protection Fails
Modern hypervisors form the backbone of today's cloud and virtualization environments. By enabling multiple business functions to reside on a single physical server, they enhance efficiency and reduce administrative overhead. As...

ZeroLock® Mitigates 100% of ESXi TTPs
MITRE ATT&CK v17 introduces a dedicated ESXi platform, marking a major shift in cybersecurity priorities. The new ESXi matrix spans 12 attack stages — adapting 34 Linux TTPs, carrying over 30 more, and introducing 4 ESXi-specific...

MITRE ATT&CK v17: Spotlighting ESXi
In a landmark update, MITRE ATT&CK v17 introduces a dedicated ESXi platform to its framework, bringing hypervisor threats into the spotlight. This move validates what security teams have been seeing for years: attackers are targeting...

Why ESXi Security in Manufacturing Can’t Wait
Industry 4.0 is transforming manufacturing, making operations smarter, faster, and more efficient. But with increased connectivity comes increased risk. Hypervisor threats are evolving fast—especially for organizations relying on VMware...

MITRE ATT&CK v17 Is Coming: What Security Teams Should Watch For
MITRE ATT&CK v17 is set to launch on April 22, 2025. While full details haven’t been released, a recent X post from MITRE suggests that VMware ESXi may be a new focus area—an important signal as concerns around ESXi ransomware...

Virtual Patching: How to Protect VMware ESXi from Zero-Day Exploits
Broadcom recently patched three VMware zero-days (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226), suspected to be actively exploited. These vulnerabilities allow attackers with VM admin access to break out, execute code on the...

ESXi Ransomware: The Growing Threat to Virtualized Environments
Ransomware has reshaped the cybersecurity landscape, and a disturbing new trend is emerging: the targeting of VMware ESXi environments. As the core of countless organizations’ IT infrastructures, VMware ESXi has become a prime target for...

Protecting Networks at Scale: The Cyber Imperative for Managed Providers
Cybersecurity has become a critical concern across industries, but Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) are facing mounting pressure to secure not only their own operations, but also the vast...

BUILDING IN ROBUSTNESS FROM THE START (Part 1): A Critical Look at Resilient Software Development
By Austin Gadient Challenges in Keeping Software Clean and A New Hope The recent global outage caused by an update to the CrowdStrike Falcon agent caused me to reflect on software development and software design practices, with a focus...

From Vision to Reality: Inside the Minds of Founders with Austin Gadient
In an interview with Oliver Paull, CEO and Founder of Rec Gen, Austin Gadient, the CTO and Co-Founder of Vali Cyber, provided insights into the genesis of our company. Originating from a personal mission to rectify a critical...

Vali Cyber® Announces Early Access to the First Ever Runtime Security Platform for ESXi
Vali Cyber, Inc., a next-generation provider of Linux cybersecurity solutions, announces that its autonomous zero-trust security platform, ZeroLock® has been expanded to protect ESXi hypervisors, 6.7+. With no other runtime security...

ZeroLock® Featured in WhiteHawk’s Top 10 Innovative Cyber Solutions of 2024
We are excited to share that ZeroLock® has been recognized by WhiteHawk in their prestigious list of the Top 10 Innovative Cyber Solutions of 2024! This honor highlights our dedication to pushing the boundaries of cybersecurity, offering...

Advancing Linux and ESXi Security: An Interview with TAG Infosphere
In an enlightening interview with Edward Amoroso, CEO of TAG Infosphere, our CTO and co-founder, Austin Gadient, delves right into the heart of Linux and ESXi security, unveiling the challenges that drove the creation of ZeroLock®. From...

The Critical Role of Hypervisor Security in the Financial Sector
Imagine a financial institution where all virtual machines—responsible for everything from customer transactions to trade executions—suddenly go dark. Operations freeze, data is locked, and millions are at stake. This is no hypothetical...