Microsoft Connects GoAnywhere Zero-Day to Ransomware Campaigns

October 7, 2025 at 08:15 AM

•

1 min read

Microsoft Connects GoAnywhere Zero-Day to Ransomware Campaigns — Photo: The Hacker News

TL;DR Summary

Microsoft links the threat group Storm-1175 to exploiting a critical deserialization vulnerability in Fortra GoAnywhere (CVE-2025-10035) to deploy Medusa ransomware, with active exploitation since September 2025, involving system compromise, lateral movement, and data exfiltration.

Topics:technology #cve-2025-10035 #goanywhere #medusa-ransomware #microsoft #security #storm-1175

Share this article

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware The Hacker News
Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability Microsoft
Microsoft: Critical GoAnywhere bug exploited in ransomware attacks BleepingComputer
Microsoft Links ‘Active Exploitation’ Of GoAnywhere To Cybercrime Group CRN Magazine
Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks SecurityWeek

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 3 min read

Condensed

92%

427 → 34 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights