Threat Intelligence / Actor / Storm-1175

Storm-1175

Nation: China · 2 tracked threat(s) · Categories: VULNERABILITY, RANSOMWARE

Also known as: Storm-1175

Tracked threats

ConnectWise ScreenConnect Path Traversal (CVE-2024-1708) Added to CISA KEV — Storm-1175 / Medusa Ransomware Active Exploitation — HIGH
Storm-1175 Medusa Ransomware Zero-Day Exploitation Campaign (CVE-2026-23760, CVE-2025-10035) — CRITICAL

Full actor intelligence — infrastructure, IOCs, detection coverage and operator fingerprints — is available via the Threadlinqs MCP server (Purple tier). View plans →

Threadlinqs Intelligence