
Microsoft Links China-Based Storm-1175 Group to Rapid Zero-Day Exploitation and Medusa Ransomware Attacks
Microsoft attributes recent zero-day and n-day exploit attacks to Storm-1175, a financially motivated, China-based cybercriminal group known for deploying Medusa ransomware. The threat actor rapidly weaponizes newly disclosed vulnerabilities, including zero-days, with some exploits deployed within 24 hours of public disclosure. These high-velocity attacks are used to gain initial access to victims' networks, though specific vulnerabilities (e.g., CVE IDs) and affected systems were not detailed. The group's operations focus on exploiting unpatched flaws before organizations can apply security updates. The report did not specify an exact timeline or victim sectors.