https://cybercrime.club/tags/rapid7/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usThu, 23 Apr 2026 19:13:40 -0400https://cybercrime.club/posts/kyber-ransomware-post-quantum-esxi-windows-dual-variant/Thu, 23 Apr 2026 19:13:40 -0400https://cybercrime.club/posts/kyber-ransomware-post-quantum-esxi-windows-dual-variant/Rapid7 recovered two Kyber variants from a single incident: a Rust-based Windows encryptor that actually implements Kyber1024 + X25519 + AES-CTR, and an ESXi encryptor whose 'post-quantum' claim is just ChaCha8 under RSA-4096. Same campaign ID, same Tor infrastructure, same affiliate.ransomware