<img height="1" width="1" style="display: none" alt="" src="https://px.ads.linkedin.com/collect/?pid=1098858&amp;fmt=gif">

Scattered Spider Ransomware Gang Targets VMware ESXi Servers in Critical U.S. Infrastructure Attack

Scattered Spider ransomware gang targeted VMware ESXi servers in critical U.S. infrastructure, causing major disruptions. CISA urges urgent security measures.
Content Team
By Content Team
Last updated:

The Scattered Spider cybercrime group launched sophisticated ransomware attacks on July 28, 2025, targeting VMware ESXi servers across critical U.S. infrastructure including retail and airline sectors. The hackers used stolen credentials and social engineering to hijack ESXi hypervisors, encrypting multiple virtual machines at once and causing widespread business disruptions.

CISA issued an urgent advisory urging organizations to patch vulnerable ESXi systems and strengthen access controls. Security experts say their evolving tactics make detection increasingly difficult for defenders. The attacks underscore urgent concerns about ransomware threats to virtualized environments that many organizations rely on for core operations.

Source: The Hacker News
Share this article
Share on facebook Share on linkedin Share on twitter Share on email
blog_book_a_demo_cta_3x
Have questions about protecting your software?
Our escrow experts are standing by to help.
Book a free demo
YOU MAY ALSO LIKE
Vulnerabilities
CISA Warns of Critical Security Flaws in Major Industrial and Medical Devices
Jul 30, 2025
Vulnerabilities
Chinese Hackers Exploit VMware Flaws to Break Into Isolated Networks
Jul 31, 2025
Ransomware
New Gunra Ransomware Gang Launches Advanced Linux Variant With 100-Thread Encryption
Jul 30, 2025
Cyberattacks
Ontario Health Agency Hid Cyberattack from Patients for Months
Aug 1, 2025