security: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability

Microsoft observed active exploitation of CVE-2025-10035, a deserialization vulnerability in the GoAnywhere Managed File Transfer (MFT) License Servlet, by the financially motivated actor Storm-1175 (associated with Medusa ransomware). The blog post raises awareness and describes end-to-end protection coverage in Microsoft Defender.

• Source: Microsoft Security Blog