{"id":127873,"date":"2025-10-08T01:10:01","date_gmt":"2025-10-07T19:40:01","guid":{"rendered":"https:\/\/www.techworm.net\/?p=127873"},"modified":"2025-10-08T01:10:01","modified_gmt":"2025-10-07T19:40:01","slug":"microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks","status":"publish","type":"post","link":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html","title":{"rendered":"Microsoft Confirms GoAnywhere Flaw Used In Medusa Ransomware Attacks"},"content":{"rendered":"<p>A newly discovered zero-day flaw in Fortra\u2019s GoAnywhere Managed File Transfer (MFT) software has become the latest target for Medusa ransomware attackers, Microsoft confirmed this week.<\/p>\n<p>The flaw, CVE-2025-10035, carries a maximum 10.0 CVSS score and stems from a deserialization weakness in GoAnywhere MFT\u2019s License Servlet Admin Console versions up to 7.8.3. It allows attackers to remotely execute arbitrary code on unpatched servers \u2014 even without authentication in some cases \u2014 making it a prime target for ransomware operators.<\/p>\n<p>According to Microsoft Threat Intelligence, a cybercrime group known as Storm-1175, a Medusa ransomware affiliate, began exploiting the flaw as early as September 11, 2025, nearly a week before vendor Fortra issued its patch on September 18, 2025.<\/p>\n<p>Security researchers at WatchTowr Labs later confirmed that the flaw had been used as a zero-day, compromising several organizations before the patch was released.<\/p>\n<p>\u201cMicrosoft Defender researchers identified exploitation activity in multiple organizations aligned to tactics, techniques, and procedures (TTPs) attributed to Storm-1175,\u201d Microsoft <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/10\/06\/investigating-active-exploitation-of-cve-2025-10035-goanywhere-managed-file-transfer-vulnerability\/\" target=\"_blank\" rel=\"noopener nofollow noreferrer\" data-wpel-link=\"external\">said in its advisory<\/a> while confirming WatchTowr Labs&#8217; report.<\/p>\n<p><strong>Inside The Attack Chain (From Exploit To Encryption)<\/strong><\/p>\n<p>The exploitation campaign follows a familiar multi-stage pattern seen in previous Medusa operations:<\/p>\n<ol>\n<li><strong>Initial Access<\/strong> \u2013 Storm-1175 exploited the GoAnywhere deserialization flaw to break into corporate systems.<\/li>\n<li><strong>Persistence<\/strong> \u2013 The group installed remote monitoring and management (RMM) tools like <em>SimpleHelp<\/em> and <em>MeshAgent<\/em> to maintain control, often disguising them within GoAnywhere\u2019s own process directories.<\/li>\n<li><strong>Post-Exploitation<\/strong> \u2013 The intruders deployed\u00a0<em>.jsp\u00a0<\/em>files\u00a0within the GoAnywhere MFT directories, ran network scans, and performed user and system reconnaissance.<\/li>\n<li><strong>Network Discovery<\/strong> \u2013 Attackers scanned networks using <em data-start=\"3201\" data-end=\"3210\">Netscan<\/em> and conducted user reconnaissance.<\/li>\n<li><strong>Lateral Movement<\/strong> \u2013 Using Microsoft\u2019s Remote Desktop Connection (<em>exe<\/em>), the attackers moved across systems within the compromised network.<\/li>\n<li><strong>Command &amp; Control (C2)<\/strong>: Setting up a Cloudflare tunnel for secure C2 communication.<\/li>\n<li><strong>Exfiltration<\/strong> \u2013 Finally, they used Rclone to steal data before deploying Medusa ransomware, encrypting systems, and demanding payment.<\/li>\n<\/ol>\n<p>In at least one confirmed case, Microsoft observed a full Medusa ransomware payload being deployed after the attackers had established control.<\/p>\n<p><strong>Fortra Under Fire<\/strong><\/p>\n<p>Security experts criticized Fortra for quietly issuing a patch on September 18, 2025, without warning users that the flaw was under active exploitation.<\/p>\n<p>Benjamin Harris, CEO of WatchTowr Labs, said Microsoft\u2019s findings &#8220;confirmed what we feared. Organizations running GoAnywhere MFT have effectively been under silent assault since at least September 11, with little clarity from Fortra.&#8221; He called for transparency, asking how attackers obtained the keys needed to exploit the flaw.<\/p>\n<p>The Shadowserver Foundation reports that more than 500 GoAnywhere MFT instances remain exposed online, though it\u2019s unclear how many have been patched.<\/p>\n<p><strong>What Users Should Do <\/strong><\/p>\n<p>Microsoft and Fortra are urging all customers to upgrade to the latest version immediately and review their systems for signs of compromise \u2014 especially errors containing \u201cSignedObject.getObject\u201d in logs.<\/p>\n<p>Microsoft also recommends:<\/p>\n<ul>\n<li>Restricting external access to GoAnywhere Admin Consoles.<\/li>\n<li>Running endpoint detection and response (EDR) tools in block mode.<\/li>\n<li>Enabling attack surface reduction rules to prevent ransomware tactics.<\/li>\n<\/ul>\n<p>Fortra emphasized that while patching fixes the flaw, it doesn\u2019t undo earlier breaches, urging organizations to conduct forensic reviews.<\/p>\n<p><strong>Bottom Line<\/strong><\/p>\n<p>Organizations using GoAnywhere MFT should patch immediately, lock down internet access, and check for any signs of compromise. The Medusa group\u2019s campaign is a stark reminder that even trusted enterprise tools can become gateways to large-scale ransomware attacks if not properly secured.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A newly discovered zero-day flaw in Fortra\u2019s GoAnywhere Managed File Transfer (MFT) software has become the latest target for Medusa ransomware attackers, Microsoft confirmed this week. The flaw, CVE-2025-10035, carries a maximum 10.0 CVSS score and stems from a deserialization weakness in GoAnywhere MFT\u2019s License Servlet Admin Console versions up to 7.8.3. It allows attackers [&hellip;]<\/p>\n","protected":false},"author":20,"featured_media":127875,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[48520,91,3141],"tags":[64556,64554,64558,64555,62611,64485,6794,6775,64557],"class_list":{"0":"post-127873","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-security","8":"category-microsoft","9":"category-news","10":"tag-fortra","11":"tag-goanywhere","12":"tag-goanywhere-mft","13":"tag-managed-file-transfer","14":"tag-medusa-ransomware","15":"tag-mft","16":"tag-microsoft","17":"tag-ransomware","18":"tag-storm-1175"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Microsoft Confirms GoAnywhere Flaw Used In Medusa Ransomware Attacks &#187; TechWorm<\/title>\n<meta name=\"description\" content=\"Microsoft has confirmed that attackers linked to the Medusa ransomware group are exploiting a critical flaw in Fortra\u2019s GoAnywhere MFT files\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Confirms GoAnywhere Flaw Used In Medusa Ransomware Attacks\" \/>\n<meta property=\"og:description\" content=\"A newly discovered zero-day flaw in Fortra\u2019s GoAnywhere Managed File Transfer (MFT) software has become the latest target for Medusa ransomware attackers,\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html\" \/>\n<meta property=\"og:site_name\" content=\"TechWorm\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/techworm.in\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/techbug9\" \/>\n<meta property=\"article:published_time\" content=\"2025-10-07T19:40:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.techworm.net\/wp-content\/uploads\/2025\/10\/goanywhere-critical-vulnerbility-cover.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"675\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Kavita Iyer\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Purplemoonkavs\" \/>\n<meta name=\"twitter:site\" content=\"@Techworm_in\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html\"},\"author\":{\"name\":\"Kavita Iyer\",\"@id\":\"https:\/\/www.techworm.net\/#\/schema\/person\/0bad644d3627b673312e064f7343640a\"},\"headline\":\"Microsoft Confirms GoAnywhere Flaw Used In Medusa Ransomware Attacks\",\"datePublished\":\"2025-10-07T19:40:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html\"},\"wordCount\":555,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.techworm.net\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.techworm.net\/wp-content\/uploads\/2025\/10\/goanywhere-critical-vulnerbility-cover.jpg\",\"keywords\":[\"Fortra\",\"GoAnywhere\",\"GoAnywhere MFT\",\"Managed File Transfer\",\"Medusa ransomware\",\"MFT\",\"Microsoft\",\"Ransomware\",\"Storm-1175\"],\"articleSection\":[\"Cyber Security\",\"Microsoft\",\"News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#respond\"]}],\"copyrightYear\":\"2025\",\"copyrightHolder\":{\"@id\":\"https:\/\/www.techworm.net\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html\",\"url\":\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html\",\"name\":\"Microsoft Confirms GoAnywhere Flaw Used In Medusa Ransomware Attacks &#187; TechWorm\",\"isPartOf\":{\"@id\":\"https:\/\/www.techworm.net\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.techworm.net\/wp-content\/uploads\/2025\/10\/goanywhere-critical-vulnerbility-cover.jpg\",\"datePublished\":\"2025-10-07T19:40:01+00:00\",\"description\":\"Microsoft has confirmed that attackers linked to the Medusa ransomware group are exploiting a critical flaw in Fortra\u2019s GoAnywhere MFT files\",\"breadcrumb\":{\"@id\":\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#primaryimage\",\"url\":\"https:\/\/www.techworm.net\/wp-content\/uploads\/2025\/10\/goanywhere-critical-vulnerbility-cover.jpg\",\"contentUrl\":\"https:\/\/www.techworm.net\/wp-content\/uploads\/2025\/10\/goanywhere-critical-vulnerbility-cover.jpg\",\"width\":1200,\"height\":675,\"caption\":\"Goanywhere flaw used in cyberattack\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.techworm.net\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"News\",\"item\":\"https:\/\/www.techworm.net\/category\/news\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Microsoft Confirms GoAnywhere Flaw Used In Medusa Ransomware Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.techworm.net\/#website\",\"url\":\"https:\/\/www.techworm.net\/\",\"name\":\"TechWorm\",\"description\":\"The Tech Hub\",\"publisher\":{\"@id\":\"https:\/\/www.techworm.net\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.techworm.net\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.techworm.net\/#organization\",\"name\":\"Techworm\",\"url\":\"https:\/\/www.techworm.net\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.techworm.net\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.techworm.net\/wp-content\/uploads\/2019\/12\/TECHWORM-FOOTER-LOGO.png\",\"contentUrl\":\"https:\/\/www.techworm.net\/wp-content\/uploads\/2019\/12\/TECHWORM-FOOTER-LOGO.png\",\"width\":300,\"height\":64,\"caption\":\"Techworm\"},\"image\":{\"@id\":\"https:\/\/www.techworm.net\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/techworm.in\",\"https:\/\/x.com\/Techworm_in\",\"https:\/\/www.instagram.com\/techworm_in\/\",\"https:\/\/www.linkedin.com\/company\/9221219\",\"https:\/\/www.youtube.com\/channel\/UCpa9W_3YE1c9Iu4j2ifxzsg\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.techworm.net\/#\/schema\/person\/0bad644d3627b673312e064f7343640a\",\"name\":\"Kavita Iyer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/5b0dce85b2cf49a0bb24826eb3d6315cd1f8f75a202563ba2d1985358c134ff7?s=96&d=wavatar&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5b0dce85b2cf49a0bb24826eb3d6315cd1f8f75a202563ba2d1985358c134ff7?s=96&d=wavatar&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/5b0dce85b2cf49a0bb24826eb3d6315cd1f8f75a202563ba2d1985358c134ff7?s=96&d=wavatar&r=g\",\"caption\":\"Kavita Iyer\"},\"description\":\"An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human!!!\",\"sameAs\":[\"https:\/\/www.techworm.net\",\"https:\/\/www.facebook.com\/techbug9\",\"https:\/\/x.com\/Purplemoonkavs\"],\"url\":\"https:\/\/www.techworm.net\/author\/kavita-iyer\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Microsoft Confirms GoAnywhere Flaw Used In Medusa Ransomware Attacks &#187; TechWorm","description":"Microsoft has confirmed that attackers linked to the Medusa ransomware group are exploiting a critical flaw in Fortra\u2019s GoAnywhere MFT files","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html","og_locale":"en_US","og_type":"article","og_title":"Microsoft Confirms GoAnywhere Flaw Used In Medusa Ransomware Attacks","og_description":"A newly discovered zero-day flaw in Fortra\u2019s GoAnywhere Managed File Transfer (MFT) software has become the latest target for Medusa ransomware attackers,","og_url":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html","og_site_name":"TechWorm","article_publisher":"https:\/\/www.facebook.com\/techworm.in","article_author":"https:\/\/www.facebook.com\/techbug9","article_published_time":"2025-10-07T19:40:01+00:00","og_image":[{"width":1200,"height":675,"url":"https:\/\/www.techworm.net\/wp-content\/uploads\/2025\/10\/goanywhere-critical-vulnerbility-cover.jpg","type":"image\/jpeg"}],"author":"Kavita Iyer","twitter_card":"summary_large_image","twitter_creator":"@Purplemoonkavs","twitter_site":"@Techworm_in","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#article","isPartOf":{"@id":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html"},"author":{"name":"Kavita Iyer","@id":"https:\/\/www.techworm.net\/#\/schema\/person\/0bad644d3627b673312e064f7343640a"},"headline":"Microsoft Confirms GoAnywhere Flaw Used In Medusa Ransomware Attacks","datePublished":"2025-10-07T19:40:01+00:00","mainEntityOfPage":{"@id":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html"},"wordCount":555,"commentCount":0,"publisher":{"@id":"https:\/\/www.techworm.net\/#organization"},"image":{"@id":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#primaryimage"},"thumbnailUrl":"https:\/\/www.techworm.net\/wp-content\/uploads\/2025\/10\/goanywhere-critical-vulnerbility-cover.jpg","keywords":["Fortra","GoAnywhere","GoAnywhere MFT","Managed File Transfer","Medusa ransomware","MFT","Microsoft","Ransomware","Storm-1175"],"articleSection":["Cyber Security","Microsoft","News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#respond"]}],"copyrightYear":"2025","copyrightHolder":{"@id":"https:\/\/www.techworm.net\/#organization"}},{"@type":"WebPage","@id":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html","url":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html","name":"Microsoft Confirms GoAnywhere Flaw Used In Medusa Ransomware Attacks &#187; TechWorm","isPartOf":{"@id":"https:\/\/www.techworm.net\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#primaryimage"},"image":{"@id":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#primaryimage"},"thumbnailUrl":"https:\/\/www.techworm.net\/wp-content\/uploads\/2025\/10\/goanywhere-critical-vulnerbility-cover.jpg","datePublished":"2025-10-07T19:40:01+00:00","description":"Microsoft has confirmed that attackers linked to the Medusa ransomware group are exploiting a critical flaw in Fortra\u2019s GoAnywhere MFT files","breadcrumb":{"@id":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#primaryimage","url":"https:\/\/www.techworm.net\/wp-content\/uploads\/2025\/10\/goanywhere-critical-vulnerbility-cover.jpg","contentUrl":"https:\/\/www.techworm.net\/wp-content\/uploads\/2025\/10\/goanywhere-critical-vulnerbility-cover.jpg","width":1200,"height":675,"caption":"Goanywhere flaw used in cyberattack"},{"@type":"BreadcrumbList","@id":"https:\/\/www.techworm.net\/2025\/10\/microsoft-confirms-goanywhere-flaw-used-in-medusa-ransomware-attacks.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.techworm.net\/"},{"@type":"ListItem","position":2,"name":"News","item":"https:\/\/www.techworm.net\/category\/news"},{"@type":"ListItem","position":3,"name":"Microsoft Confirms GoAnywhere Flaw Used In Medusa Ransomware Attacks"}]},{"@type":"WebSite","@id":"https:\/\/www.techworm.net\/#website","url":"https:\/\/www.techworm.net\/","name":"TechWorm","description":"The Tech Hub","publisher":{"@id":"https:\/\/www.techworm.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.techworm.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.techworm.net\/#organization","name":"Techworm","url":"https:\/\/www.techworm.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.techworm.net\/#\/schema\/logo\/image\/","url":"https:\/\/www.techworm.net\/wp-content\/uploads\/2019\/12\/TECHWORM-FOOTER-LOGO.png","contentUrl":"https:\/\/www.techworm.net\/wp-content\/uploads\/2019\/12\/TECHWORM-FOOTER-LOGO.png","width":300,"height":64,"caption":"Techworm"},"image":{"@id":"https:\/\/www.techworm.net\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/techworm.in","https:\/\/x.com\/Techworm_in","https:\/\/www.instagram.com\/techworm_in\/","https:\/\/www.linkedin.com\/company\/9221219","https:\/\/www.youtube.com\/channel\/UCpa9W_3YE1c9Iu4j2ifxzsg"]},{"@type":"Person","@id":"https:\/\/www.techworm.net\/#\/schema\/person\/0bad644d3627b673312e064f7343640a","name":"Kavita Iyer","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/5b0dce85b2cf49a0bb24826eb3d6315cd1f8f75a202563ba2d1985358c134ff7?s=96&d=wavatar&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/5b0dce85b2cf49a0bb24826eb3d6315cd1f8f75a202563ba2d1985358c134ff7?s=96&d=wavatar&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5b0dce85b2cf49a0bb24826eb3d6315cd1f8f75a202563ba2d1985358c134ff7?s=96&d=wavatar&r=g","caption":"Kavita Iyer"},"description":"An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human!!!","sameAs":["https:\/\/www.techworm.net","https:\/\/www.facebook.com\/techbug9","https:\/\/x.com\/Purplemoonkavs"],"url":"https:\/\/www.techworm.net\/author\/kavita-iyer"}]}},"jetpack_featured_media_url":"https:\/\/www.techworm.net\/wp-content\/uploads\/2025\/10\/goanywhere-critical-vulnerbility-cover.jpg","_links":{"self":[{"href":"https:\/\/www.techworm.net\/wp-json\/wp\/v2\/posts\/127873","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.techworm.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.techworm.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.techworm.net\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/www.techworm.net\/wp-json\/wp\/v2\/comments?post=127873"}],"version-history":[{"count":0,"href":"https:\/\/www.techworm.net\/wp-json\/wp\/v2\/posts\/127873\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.techworm.net\/wp-json\/wp\/v2\/media\/127875"}],"wp:attachment":[{"href":"https:\/\/www.techworm.net\/wp-json\/wp\/v2\/media?parent=127873"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.techworm.net\/wp-json\/wp\/v2\/categories?post=127873"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.techworm.net\/wp-json\/wp\/v2\/tags?post=127873"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}