// #esxi

2 articles

VMware ESXi Cross-Tenant Code Execution Demonstrated at Pwn2Own Berlin — $200K Prize for Single-Bug Hypervisor Escape

STARLabs SG earned $200,000 at Pwn2Own Berlin 2026 for a single vulnerability enabling cross-tenant code execution on VMware ESXi, allowing code running in one virtual machine to execute in a separate guest VM on the same hypervisor host. The bug has not been assigned a CVE and will not be publicly disclosed for up to 90 days.

May 16, 2026 #vmware +6

🛡️ SecOps

VECT 2.0 Ransomware Irreversibly Corrupts Files Over 131KB on Windows, Linux, and ESXi

VECT 2.0 is a new cross-platform ransomware variant that partially corrupts files larger than 131KB rather than encrypting them — rendering files permanently unrecoverable even after ransom payment, as the overwritten data cannot be reconstructed. Active campaigns have targeted manufacturing, logistics, and healthcare. Standard backup-based recovery strategies may fail against VECT 2.0 if backups were mounted or reachable at the time of attack.

May 1, 2026 #ransomware +6

Commentary tagged #esxi

Opinion

Hypervisor Escapes Should Change How Enterprise Architects Design Isolation — They Rarely Do

VMware ESXi cross-tenant code execution at Pwn2Own Berlin 2026 demonstrates again that virtualisation is not a security boundary. Yet enterprise architecture continues to treat hypervisor isolation as equivalent to physical isolation. The security implication of this assumption has been known for years and consistently under-acted upon.

CipherWatch Editorial

Security Intelligence Platform

May 17, 2026