A critical zero-day vulnerability in GoAnywhere MFT’s License Servlet is being actively exploited to deploy Medusa ransomware. On September 18, 2025, Fortra released an advisory disclosing CVE-2025-10035, a deserialization flaw with a perfect CVSS score of 10.0. Threat actors tracked as Storm-1175 have abused this issue to gain remote code execution (RCE) on exposed systems, […] The post GoAnywhere 0-Day RCE Actively Exploited to Deliver Medusa Ransomware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/goanywhere-0-day-rce-exploited-deliver-medusa-ransomware/
