The Medusa ransomware operators exploited the GoAnywhere MFT vulnerability one week before patches were released.

A newly discovered zero-day flaw in Fortra’s GoAnywhere Managed File Transfer (MFT) software has become the latest target for ...

Microsoft is warning that a ransomware group is exploiting a maximum-severity vulnerability recently found in GoAnywhere ...

Medusa ransomware affiliates are among those exploiting a maximum-severity bug in Fortra's GoAnywhere managed file transfer ...

Microsoft warns it is seeing potential mass exploitation of a Fortra GoAnywhere vulnerability by a threat actor linked to the ...

Affiliates of Russian-speaking ransomware operation Medusa began targeting a zero-day vulnerability in widely used Fortra ...

Security experts are raising an alarm about the possibility of supply-chain attacks, particularly by hackers on GoAnywhere MFT, a popular enterprise file transfer solution. The critical severity bug ...

CVE-2025-10035 in GoAnywhere MFT allows critical command injection via license servlet Exploitation began before public disclosure; WatchTowr found credible in-the-wild evidence Users urged to patch ...

First identified in 2021, Medusa has snared over 300 global victims in critical infrastructure sectors, according to a joint ...

Microsoft links Storm-1175 to GoAnywhere flaw CVE-2025-10035, exploited since September for Medusa ransomware.

Now, security researchers found that figma-developer-mpc is vulnerable to a command injection flaw that allows threat actors ...

CVE-2025-10035 concerns a case of deserialization vulnerability in the License Servlet that could result in command injection without authentication. In a report earlier this week, Microsoft revealed ...