Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Critical deserialization vulnerability CVE-2025-10035 in Fortra GoAnywhere enabled Storm-1175 to deploy Medusa ransomware via RMM tools, RCE, and lateral movement.
Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure
An unsafe deserialization flaw (CVE-2025-10035) in Fortra GoAnywhere permits unauthenticated command injection and was actively exploited in the wild by at least September 10, 2025.
