Bleeping Computer

Microsoft: Critical GoAnywhere bug exploited in ransomware attacks

A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware attacks for nearly a month. Tracked as CVE-2025-10035, this ...
CSOonline

Fortra patches critical GoAnywhere MFT flaw akin to past ransomware exploits

Researchers warn organizations to immediately upgrade deployments of GoAnywhere MFT due to vulnerabilities that have been exploited in the past by ransomware gangs. Users of Fortra’s GoAnywhere MFT ...