Malware And CampaignsCampaign

Medusa ransomware affiliate using zero days and rapid exploitation of web facing systems

April 6, 2026BleepingComputer, Nicolas Krassas, The Cyber Security Hub™

Microsoft and multiple outlets link Medusa ransomware operations to Storm-1175, describing high-velocity campaigns that weaponize N-days and move quickly from initial access to exfiltration and ransomware deployment.

Open in PulseSee the full authority discussion →

QUOTES

Microsoft links Medusa ransomware affiliate to zero-day attacks

Storm-1175 operates high-velocity campaigns that weaponize N-days, targeting web-facing systems and rapidly moving from initial access to data exfiltration and deployment of Medusa ransomware.

VOICES

BleepingComputer

Nicolas Krassas

The Cyber Security Hub™

Blue Team News

Dark Web Informer

RELATED TERMS

ransomwarezero dayweb-facingmicrosoftzero dayransomware group

OTHER FINDINGS IN MALWARE AND CAMPAIGNS

Axios npm package compromise, WAVESHAPER.V2 cross platform RAT Handala Hack Telegram threat claiming imminent Lockheed Martin data leak Telnyx PyPI compromise (TeamPCP) shipping malware in telnyx 4.87.1/4.87.2

AMYGDALA PULSE

See what authorities are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new authority voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security