unc3944

unc3944

Hypervisor Ransomware: CVE-2024-37085, AD Abuse, and the Escalating Threat to VMware ESXi Environments

Ransomware groups—including BlackCat/ALPHV, Black Basta, RansomHub, and Dark Angels—are increasingly targeting VMware ESXi and similar virtualization platforms using advanced hypervisor-level attack techniques. The exploitation of CVE-2024-37085..