Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Posted on October 7, 2025 • 1 min read • 61 words

Share via

Link copied to clipboard

Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere software to facilitate the deployment of Medusa ransomware. The vulnerability is CVE-2025-10035 (CVSS score 10.0), a critical deserialization bug that could result in command injection without authentication. It was

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Read on Hackernews

Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere software to facilitate the deployment of Medusa ransomware. The vulnerability is CVE-2025-10035 (CVSS score: 10.0), a critical deserialization bug that could result in command injection without authentication. It was addressed in version 7.8.4, or the Sustain

13-Year-Old Redis Flaw Exposed CVSS 100 Vulnerability Lets Attackers Run Code Remotely

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

Everything coding, technology, and digital Life