In April 2025, a ransomware attack on Marks & Spencer paralyzed its core systems by encrypting its VMware ESXi hypervisors. The breach halted online sales, disrupted logistics, and left customers in limbo. With damages estimated at over $400 million, the attack revealed a growing trend in ransomware: infrastructure-layer targeting. This blog explores why hypervisors like ESXi are now a top attack vector for ransomware groups—and what retailers can do to strengthen virtual infrastruc...
