Microsoft identified the threat actor Storm-1175 as exploiting a critical vulnerability, CVE-2025-10035, in Fortra GoAnywhere software to deploy Medusa ransomware. The vulnerability is a deserialization bug that permits command injection without authentication, which makes its impact on affected systems severe. The flaw carries the maximum CVSS score of 10.0, indicating critical severity and an urgent need for patching.
The vulnerability is fixed in Fortra GoAnywhere version 7.8.4 and later; systems that have not been upgraded remain at significant risk of ransomware attacks. The exploitation by Storm-1175 reflects an ongoing threat landscape in which sophisticated actors use vulnerabilities that require no authentication to deploy ransomware. Organizations using Fortra GoAnywhere software must update promptly to reduce exposure to Medusa ransomware and similar threats.
This incident underscores the importance of timely patch management and continuous monitoring of critical software components. Failure to mitigate these risks can result in operational disruption, data loss, and financial damages caused by ransomware.
👉 Read the original: The Hacker News