Trivy

Microsoft links Medusa ransomware affiliate to zero-day attacks Microsoft says the China-based group it tracks as Storm-1175 is moving unusually fast in Medusa ransomware intrusions, sometimes weaponizing newly disclosed bugs within a day and in some cases exploiting flaws before patches are released. The company said recent campaigns hit healthcare, education, professional services, and finance targets, and showed the group chaining multiple vulnerabilities to gain persistence, steal credentials, disable defenses, and deploy ransomware within days…