Threats surrounding VMware ESXi servers have multiplied. At least two ransomware variants, including Royal Ransomware and ESXiArgs, were found launching attacks on the servers. The latter exploits an old VMware flaw, identified as CVE-2021-21974. With this, they has joined the likes of Black Basta, LockBit, BlackMatter, AvosLocker, REvil, HelloKitty, RansomEXX, and Hive to target Linux systems.