Medusa and DragonForce Ransomware Exploit RMM Tools in 2025 UK Attacks

Medusa and DragonForce Ransomware Exploit RMM Tools in 2025 UK Attacks

First seen 30 Nov 2025, 12:41 UTC Infosecurity-MagazineIndustrialcyber.CoGbhackersCybersecuritynewsThreatcluster+2 75% similarity 52.4

Article Content

Browse articles
ThreatCluster

In 2025, ransomware groups Medusa and DragonForce targeted UK organizations by exploiting three critical vulnerabilities in the SimpleHelp Remote Monitoring and Management platform. These vulnerabilities (CVE-2024-57726, CVE-2024-57727, CVE-2024-57728) allowed unauthorized access through trusted third-party vendors and Managed Service Providers.

ThreatCluster AI

Community

Browse all →