Storm-1175 exploits GoAnywhere MFT flaw CVE-2025-10035 in Medusa attacks, allowing easy remote code execution via License Servlet bug. A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability (CVE-2025-10035) in Medusa ransomware attacks for nearly a month. The vulnerability CVE-2025-10035 is a deserialization issue in the License Servlet of […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/183075/hacking/goanywhere-mft-zero-day-used-by-storm-1175-in-medusa-ransomware-campaigns.html
