CISA Warns of VMware ESXi 0-day Vulnerability Exploited in Ransomware Attacks

Thu Feb 05 2026

Ransomware

Technology

Vulnerability

Zero-day

cybersecuritynews.com

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently confirmed that ransomware groups are actively exploiting CVE-2025-22225, a high-severity VMware ESXi sandbox escape vulnerability. This flaw, patched by Broadcom in March 2025, enables attackers to escape virtual machine isolation and deploy ransomware across hypervisors. CVE-2025-22225 is an arbitrary write vulnerability in VMware ESXi, rated Important […] The post CISA Warns of VMware ESXi 0-day Vulnerability Exploited in Ransomware Attacks appeared first on Cyber Security News.