- ByteSize
- Posts
- Ransomware Ran-Some-Where Into Your VMware (Plus Chinese Hackers & Skype's Goodbye)
Ransomware Ran-Some-Where Into Your VMware (Plus Chinese Hackers & Skype's Goodbye)
We've also got the scoop on Digg's zombie revival, Intel's processor flexing contest, and a lab tech job that's basically "Breaking Bad" with better equipment.
Hold on to your keyboards!
Exactly 16 years ago today, Google unveiled Google Voice, transforming how we think about phone numbers forever. The service – rebranded from the $95 million GrandCentral acquisition – introduced revolutionary features like voicemail transcription (which, at first, turned your voicemails into what sounded like a ransom note written by a malfunctioning AI.), free PC-to-PC calling, and one number to ring all your devices.
Back then, if you had two phones, people either assumed you were a CEO or deeply involved in questionable activities. Google Voice changed that, making dual phones as obsolete as remembering phone numbers.
VMware Guests Check In, But They Don't Check Out: The ESXicape Crisis
Bad news for VMware users: Three critical vulnerabilities, ominously dubbed "ESXicape," are being actively exploited in the wild. According to TechCrunch, Broadcom—VMware’s new parent company—is urging users to patch ASAP before attackers take full advantage. These flaws impact VMware ESXi, Workstation, and Fusion, the foundation of countless corporate virtualization environments.
And here’s where it gets terrifying: These bugs let attackers with admin access on a virtual machine break out of their sandbox and seize control of the underlying hypervisor. That means they could potentially access every other virtual machine on the same physical server—even ones belonging to completely different companies. Imagine renting an apartment and suddenly finding yourself with a master key to every unit in the building. Yeah, not great.
Security researcher Kevin Beaumont warns that a ransomware group is already exploiting these flaws, which isn’t shocking given VMware’s long-standing appeal to cybercriminals. Remember the "ESXiArgs" ransomware campaign in 2023 that crippled thousands of organizations? Well, it’s back—like a bad sequel no one asked for.
To underscore the urgency, CISA has officially added these vulnerabilities to its "Known Exploited Vulnerabilities" catalog. If you're running VMware products, consider this your flashing red alert: Patch. Now.
Chinese Hackers Go Shopping in Your Supply Chain
Microsoft is sounding the alarm… "Silk Typhoon," not to be confused with a Jackie Chan action flick, has switched up its tactics. The Chinese state-sponsored group isn't just hacking networks—they’re borrowing your credentials and letting themselves in like bad roommates. As reported by Bleeping Computer, instead of targeting companies directly, they’re going after IT supply chains – hijacking remote management tools and cloud services to hit downstream customers where it hurts.
You've also definitely heard of "Silk Typhoon" before. These are the same hackers who breached the U.S. Office of Foreign Assets Control (OFAC) in December 2024. At this point, Chinese state-sponsored hackers are treating GitHub like a lost-and-found for API keys. Yup. They've been scouring the developer platform for leaked API keys, misusing legit cloud services to steal data, and wiping logs to cover their tracks. To pull it off, they’ve built what Microsoft calls a "CovertNetwork"—a web of compromised Cyberoam appliances, Zyxel routers, and QNAP devices, all repurposed as attack launchpads.
It’s basically the cybersecurity version of "why pick the lock when you can just steal the keys?"—and unfortunately, it’s working. Government, healthcare, defense, education, and energy sectors are all in the crosshairs.
R.I.P. Skype – The OG That Made Cops and Spies Equally Furious
Pour one out for Skype, the OG of online calls. Microsoft is pulling the plug on May 5th, marking the end of a 20+ year run where it connected people across the globe—from awkward job interviews to family calls that always ended with your dad yelling, “Can you hear me now?!”
At its peak, Skype boasted 300 million users (now down to a modest 36 million—about the same number still arguing about the Star Wars sequel trilogy online). But its biggest legacy is that it was the first major communication platform to offer end-to-end encryption.
Back in 2003, this was groundbreaking—so much so that law enforcement agencies absolutely hated it. Italy’s Polizia Postale literally hired the Hacking Team (yes, that shady spyware group) just to break into Skype calls. Meanwhile, China ran a government-approved version with built-in surveillance, and post-Snowden, we learned Microsoft even gave the NSA a backdoor pass, because of course they did.
⚙️ Tool Time
We recommend UltraEdit.
If Notepad is a tricycle in the Tour de France, UltraEdit is Lance Armstrong on a bike with all the enhanced gears – including ones you didn't know existed but suddenly can't live without. This powerhouse text editor works across Windows, Mac, and Linux with a single license that covers up to three machines.
UltraEdit combines text, code, hex, HTML, and XML/JSON editing capabilities with robust search and replace features that make finding that one pesky character in a massive codebase actually doable. The integrated FTP client lets you edit server files directly, and it comes bundled with UltraCompare for comprehensive file comparison and merging.
What really sets UltraEdit apart from the competition:
Handles files over 4GB with streaming mode that won't bring your system to its knees
Includes built-in JSON and XML managers for working with complex data structures
Features a built-in terminal for PowerShell access without app-switching
Supports user-recordable macros for automating repetitive tasks
Provides column/block editing for working with tabular data
Offers customizable syntax highlighting for nearly any programming language
Includes robust project management tools to organize related files
EE community member @gr8gonzo particularly loves UltraEdit's macro capabilities: "User-recordable macros (one shortcut to start and stop recording keystrokes, another shortcut to replay them)" – perfect for automating repetitive tasks. Plus, features like column editing, template support, and custom syntax highlighting make this a must-have for serious coders.
It's not free, but for the productivity boost it provides, many developers find it worth every penny.
👨💻 Job Opportunities
AWS Glue giving you separation anxiety? Habemco needs someone who can translate business goals into cloud solutions without consulting Stack Overflow every 5 minutes.
Can you make Workday's Prism Analytics sing like Baby Yoda eating a frog? Zensar wants someone with +8 years of experience who can explain complex data to executives with the attention span of a TikTok user.
Genmab needs someone to keep their cancer-research lab tech running smoother than the CGI in the Captain America: Brave New World movie. You'll be the Obi-Wan of lab IT systems while being compliant with more acronyms (GLP, GDPR) than a government conspiracy theory. Think "Breaking Bad" but with better equipment and fewer explosions.
🛩 Industry Moves
UK Watchdog group Competition and Markets Authority (CMA) has until July 2025 to decide if Microsoft’s cloud growth is a threat or just really good SEO. Meanwhile, Microsoft fired back with 101 pages of "No, you," accusing Google of flexing cloud muscles while mocking Microsoft's gains—basically tech industry Mean Girls.
Digg's back from its early 2000s grave – this time with its OG founder Kevin Rose and Reddit’s Alexis Ohanian on board. Their so-called "secret sauce" is to use AI moderators to clean up comment sections—because nothing says "better community" like letting robots handle human drama.
Trump's new tariffs on Canada, Mexico, and China are threatening to deliver a critical hit to physical game media. Analysts warn that new tariffs could spell "GAME OVER" for physical media, making your old Xbox 360 disc collection a retirement plan.
Intel’s new Core Ultra processors are here to make your old laptop feel like it's running on dial-up—boasting performance gains so wild, even your RGB setup might blush.
💽 Data Upload
Our Experts Exchange community is solving digital puzzles faster than you can say "have you tried turning it off and on again":
And there you have it—another ByteSize in the books! We saw old platforms rise, new vulnerabilities exposed, and probably triggered your update anxiety. Now’s a solid time to update your systems—or, let’s be real, open another tab and get lost in cat memes.
Enjoyed the news? Discuss over on Experts Exchange.
Got news to share or topics you'd like us to cover? Send ‘em our way. We can’t wait to hear from you. Really.
And hey… psst… are you interested in sponsoring our newsletter and reaching a passionate, engaged community of IT professionals across the globe? Reach out here.