Lucene search
K

5 matches found

HackRead
HackRead
added 2026/04/08 2:19 p.m.7 views

Storm-1175 Deploys Medusa Ransomware Within 24 Hours of Flaw Disclosure

Microsoft researchers have uncovered a fast-moving group, Storm-1175, launching high-speed Medusa ransomware attacks against healthcare and education sectors in the UK, US, and Australia by exploiting security flaws in as little as 24 hours...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/07 6:35 a.m.19 views

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate "high-velocity" attacks and break into susceptible internet-facing systems. "The threat actor's high operational tempo and...

10CVSS7.4AI score0.99999EPSS
Exploits133
Microsoft Secure
Microsoft Secure
added 2026/04/06 4:0 p.m.20 views

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

In this article 1. Storm-1175’s rapid attack chain: From initial access to impact 2. Mitigation and protection guidance 3. Microsoft Defender detections 4. Indicators of compromise The financially motivated cybercriminal actor tracked by Microsoft Threat Intelligence as Storm-1175 operates...

10CVSS7.4AI score0.99999EPSS
Exploits162
The Hacker News
The Hacker News
added 2025/10/07 8:15 a.m.13 views

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere software to facilitate the deployment of Medusa ransomware. The vulnerability is CVE-2025-10035 CVSS score: 10.0, a critical deserialization bug that could...

10CVSS8.8AI score0.99614EPSS
Exploits3
Microsoft Secure
Microsoft Secure
added 2025/10/06 5:0 p.m.12 views

Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability

On September 18, 2025, Fortra published a security advisory regarding a critical deserialization vulnerability in GoAnywhere MFT's License Servlet, which is tracked as CVE-2025-10035 and has a CVSS score of 10.0. The vulnerability could allow a threat actor with a validly forged license response...

10CVSS9AI score0.99614EPSS
Exploits3
Rows per page
Query Builder