Tagged: CVE-2025-10035

October 8, 2025

Medusa Ransomware Group Actively Exploiting Critical GoAnywhere Flaw

The Storm-1175 group, linked to the operators behind the Medusa ransomware, has been actively exploiting a critical vulnerability in GoAnywhere MFT for nearly a month to infiltrate corporate networks. The flaw, tracked as CVE-2025-10035,...

Vulnerability

September 29, 2025

GoAnywhere MFT Zero-Day Actively Exploited for Days Before Patch Release

Researchers from WatchTowr Labs have reported active exploitation of a critical vulnerability in Fortra’s GoAnywhere MFT file transfer management system. Tracked as CVE-2025-10035, the flaw stems from a deserialization bug in the License Servlet...