Widespread cyberattack hits servers across Europe

Ransomware
(Image credit: Pixabay)

Hackers are exploiting a known vulnerability in VMware’s ESXi servers on a huge scale, targeting endpoints across Europe and North America, government officials and company spokespeople have confirmed.

Italy’s National Cybersecurity Agency (ACN) has warned businesses using these VMware products to update their devices immediately, and thus stay safe from the ongoing cybercrime campaign. 

ANSA (a major Italian news agency) further said that besides servers in Italy, hackers also targeted those located in France, Finland, the United States, and Canada. 

500 victims and counting

Reports have claimed “dozens” of organizations in Italy were affected by the campaign. The agency says companies were warned to take action “to avoid being locked out of their systems”, suggesting that the attackers were using the vulnerability in ransomware campaigns. 

Across the Atlantic, US cybersecurity officials were analyzing the incoming reports:

"CISA is working with our public and private sector partners to assess the impacts of these reported incidents and providing assistance where needed," Reuters cited the US Cybersecurity and Infrastructure Security Agency.

A VMware spokesperson said the hackers were abusing a flaw that was discovered in early 2021, and patched in February of that year. The company also urged its customers to apply the patch immediately. 

A separate report published by The Stack claims more than 500 companies have so far been affected by the campaign and indeed, it was a ransomware attack. Businesses in France are allegedly worst-hit. The country’s national government computer security incident response team, CERT-FR, says the attack is semi-automated, targeting servers vulnerable to CVE-2021-21974.

The flaw is described as an OpenSLP HeapOverflow vulnerability, allowing threat actors to execute code remotely.

So far, we don’t know which ransomware group initiated the attack and which encryptor is being deployed, but reports are saying that roughly 20 servers get hit every hour.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A person holding out their hand with a digital AI symbol.
This ransomware gang is using SSH tunnels to target VMware appliances
A person at a laptop with a cybersecure lock symbol floating above it.
Hackers are still using old Ivanti bugs to break into networks
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
vpn
Ivanti warns another critical security flaw is being attacked
Best free Linux firewalls
Fortinet warns a critical vulnerability in its systems could let attackers breach company networks
The best free firewall
Palo Alto warns another major firewall hack has been detected
Latest in Security
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Google Chrome
Google Chrome security flaw could have let hackers spy on all your online habits
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Latest in News
A young woman is working on a laptop in a relaxed office space.
I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
inZOI promotional material.
inZOI has become the most wishlisted game on Steam, but I wouldn't get too caught up in the hype
Xbox Series X and Xbox wireless controller set to a green background
Xbox Insiders are currently testing a new Game Hub feature that looks useful, but I've got mixed feelings about it
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Nespresso Vertuo Pop machine in Candy Pink with coffee drinks and capsules
My favorite Nespresso coffee maker just got a fresh new makeover, and now I love it even more
Microsoft Surface Laptop and Surface Pro devices on a table.
Hate Windows 11’s search? Microsoft is fixing it with AI, and that almost makes me want to buy a Copilot+ PC