Cybercriminal group Storm-1175 exploited a critical vulnerability in Fortra's GoAnywhere to deploy Medusa ransomware, affecting over 300 organizations across various sectors. Authorities advise urgent patching and raise concerns about prolonged silent attacks and potential data breaches. #CVE202510035 #MedusaRansomware
Key points
- Cybercriminals targeted Fortra's GoAnywhere vulnerability CVE-2025-10035 for initial access.
- Storm-1175 used remote tools like SimpleHelp and MeshAgent for lateral movement.
- The Medusa ransomware has impacted over 300 organizations globally since 2021.
- Authorities confirmed exploitation and ordered federal agencies to patch by October 20.
- Organizations remain in the dark about how threat actors obtained private keys for the attack.
Read More: https://therecord.media/medusa-ransomware-exploited-file-transfer