Microsoft has warned that Storm-1175, a cybercrime group linked to Medusa ransomware, is exploiting vulnerable web-facing systems in fast-moving attacks, at times moving from initial access to data theft and ransomware deployment within 24 hours. The company said the group has heavily targeted organizations in healthcare, education, professional services, and finance across Australia, the UK, and the US, showing how quickly ransomware affiliates can exploit exposed perimeter systems before defenders patch or even spot the breach. Microsoft also said Storm-1175 has, in some cases, used zero-day flaws before they were publicly disclosed. “While the threat actor typically uses N-day vulnerabili...