The Storm-1175 group exploits CVE-2025-10035, a critical GoAnywhere MFT vulnerability that enables command injection and RCE, then deploys Medusa ransomware. Stay ahead of the threat with curated detection content from SOC Prime Platform.
https://socprime.com/blog/detect-cve-2025-10035-exploitation/?utm_source=mastodon&utm_medium=social&utm_campaign=latest-threats&utm_content=blog-post
CVE-2025-10035 Detection: Storm-1175 Exploits a Critical Fortra GoAnywhere MFT Vulnerability to Deploy Medusa Ransomware | SOC Prime

Detect CVE-2025-10035 exploitation attempts, a critical GoAnywhere vulnerability used by the Storm-1175 group, with Sigma rules from SOC Prime Platform.
