CRITICALRansomware
Global

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

Tuesday, April 7, 2026 at 06:35 AM UTC·Source: The Hacker News

Updated: Tuesday, April 7, 2026 at 07:37 AM UTC

Executive Summary

A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate "high-velocity" attacks and break into susceptible internet-facing systems. "The threat actor's high operational tempo and proficiency in identifying exposed perimeter assets have proven successful, with recent

Analysis

A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate "high-velocity" attacks and break into susceptible internet-facing systems. "The threat actor's high operational tempo and proficiency in identifying exposed perimeter assets have proven successful, with recent
Source Attribution

Originally published by The Hacker News on Apr 7, 2026.

Related Threats

HIGHRansomwareNEW

German Police Unmask REvil Ransomware Leader

Shchukin is accused of extorting more than $2 million as the head of the GandCrab and REvil ransomware operations. The post German Police Unmask REvil Ransomware Leader appeared first on SecurityWeek .

SecurityWeek
HIGHRansomware

German authorities identify REvil and GandCrab ransomware bosses

The Federal Police in Germany (BKA) has identified two Russian nationals as the leaders of GandCrab and REvil ransomware operations between 2019 and 2021. [...]

BleepingComputer
HIGHRansomware

German authorities identify REvil and GangCrab ransomware bosses

The Federal Police in Germany (BKA) has identified two Russian nationals as the leaders of GandCrab and REvil ransomware operations between 2019 and 2021. [...]

BleepingComputer