New ransomware, dubbed RedAlert or N13V, encrypts both Linux and Windows VMware ESXi servers on corporate networks. Currently, the group has only one victim listed on its data leak site. Similar to other enterprise-targeting ransomware operations, RedAlert carries out double-extortion attacks, in which data is stolen and then ransomware is deployed to encrypt devices.