Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Microsoft has linked the threat actor Storm-1175 to the exploitation of a critical vulnerability in Fortra GoAnywhere software, which has been used to deploy Medusa ransomware. The vulnerability, identified as CVE-2025-10035, has a CVSS score of 10.0 and allows for command injection without authentication.