CVE-2025-6789

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. (affected versions not specified)

Description A widespread ransomware campaign began in March 2026, impacting over 500 critical infrastructure organizations, including those in the energy and healthcare sectors, as well as more than 200 financial institutions. The attacks involved the deployment of CryptoLock 2.0 ransomware and the exfiltration of data, with over 1 million customer records and financial data stolen. The attacks demanded ransoms exceeding $10 million. The exploitation of the issue led to a major cyber heist and a significant disruption of services.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.