CISA Confirms Ransomware Groups Exploiting Critical VMware ESXi Sandbox Escape Vulnerability

On May 15, 2024, CISA confirmed that ransomware groups are now exploiting a critical sandbox escape vulnerability affecting VMware ESXi. This flaw, previously used in zero-day attacks, enables privilege escalation. No specific CVE reference or attacker groups are mentioned. The impact includes data encryption and ransomware deployment on virtualized infrastructures. The vulnerability targets VMware ESXi environments, with no details provided on affected versions.