A new ransomware strain named Kyber has crossed a line no other has. It deploys post-quantum cryptography in live attacks. Security researchers at Rapid7 confirmed this week that the group’s Windows variant wraps its AES-256 file-encryption keys with ML-KEM1024, the strongest version of NIST’s freshly standardized key-encapsulation mechanism. Quantum computers? No threat here. But victims don’t know that. And that’s the point. Kyber emerged last September. It hit a major U.S. defense contractor in March, encrypting Windows servers and VMware ESXi hosts simultaneously. The Windows payload, coded in Rust, generates a random AES key. Files get scrambled fast with that symmetric cipher. Then ML-KEM1024 hides the AES key from everyone but the attackers. Straightforward swap for older RSA or elliptic-curve methods. Libraries make it easy; developers just add a dependency and call a function. The ESXi variant tells a different story. It claims post-quantum protection too.…