MUST READ

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

 | 

APT28 exploits Microsoft Office flaw in Operation Neusploit

 | 

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

 | 

MoltBot Skills exploited to distribute 400+ malware packages in days

 | 

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

 | 

Hackers exploit unsecured MongoDB instances to wipe data and demand ransom

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82

 | 

Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates

 | 

Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

DOJ releases details alleged talented hacker working for Jeffrey Epstein

 | 

Cyberattacks Disrupt Communications at Wind, Solar, and Heat Facilities in Poland

 | 

SmarterTools patches critical SmarterMail flaw allowing code execution

 | 

U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog

 | 

Empire Market co-founder faces 10 years to life after guilty plea

 | 

CVE-2025-22225

Pierluigi Paganini February 04, 2026
CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

Ransomware groups now exploit VMware ESXi vulnerability CVE-2025-22225, patched by Broadcom in March 2025. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirms that ransomware gangs are exploiting the VMware ESXi sandbox escape flaw CVE-2025-22225. The vulnerability is an arbitrary write issue in VMware ESXi. An attackers with privileges within the VMX process may trigger an arbitrary […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

Security / February 04, 2026

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

Deep Web / February 04, 2026

Paris raid on X focuses on child abuse material allegations

Cyber Crime / February 04, 2026

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

Hacking / February 04, 2026

Microsoft: Info-Stealing malware expands from Windows to macOS

Security / February 04, 2026