Inside an AI‑enabled device code phishing campaign - Microsoft

April 6 Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize recently disclosed vulnerabilities to obtain initial access, exfiltrate data, and deploy Medusa ransomware.