Unpatched 2018 vCenter at Ikeja Electric exploited to spread ransomware across VMs

- An unpatched 2018 vCenter server was exploited to move ransomware across virtual infrastructure at Ikeja Electric, gaining domain‑admin via an unrestricted file upload. - The compromise spread to more than 50 ESXi hosts and allowed broad VM access plus credential escalation that resulted in domain‑admin control. - Researchers warn many 2018 vCenter installs remain unpatched and led to real‑world ransomware at Ikeja Electric. (x.com) (x.com)