VMware vulnerability leads ransomware to encrypt mass virtual machines

Hackers are increasingly exploiting a vulnerability in VMware ESXi software to encrypt mass virtual machines, leading to a rise in ransomware attacks and large-scale data theft. The vulnerability, CVE-2024-37085, has a severity rating of 7 out of 10. Enterprise security company Broadcom has released a fix for this issue but has not detailed how the compromise occurs. The attack follows Broadcom’s acquisition of VMware in 2022.