The financial sector is built on trust, speed, and constant availability. Despite publicly announcing their “retirement,” Scattered Spider has resurfaced with fresh intrusions into U.S. banks and financial services. Their latest ESXi attack on finance proves the...
Why The Board Should Act Now As hypervisor attacks surge and exposure widens, this once-overlooked layer now poses material risk to revenue, operations, and oversight. Ransomware on VMware ESXi has tripled YoY. Attackers have shifted to the virtualization layer that...
In 2024, one ransomware group surged to the forefront: RansomHub. Rapidly dominating the ransomware-as-a-service (RaaS) landscape, this formidable cybercriminal network successfully breached over 600 organizations worldwide, targeting sectors from healthcare and...
A new wave of ransomware actors is rewriting the rulebook, and their sights are set on the foundation of enterprise infrastructure: VMware ESXi. Scattered Spider—also tracked as UNC3944, 0ktapus, and Muddled Libra among others—is one of the most agile and dangerous...
In April 2025, Marks & Spencer—one of Britain’s most successful retailers—was crippled by a ransomware attack that didn’t just encrypt endpoints. It locked down VMware ESXi hypervisors, freezing core systems and bringing operations to a standstill. Sales were...
