ThreatCluster

Ransomware Groups Medusa and DragonForce Exploit RMM Tools in 2025 Attacks

First seen 11 Nov 2025, 11:18 UTC GbhackersCybersecuritynews 83% similarity 52

Article Content

Browse articles
ThreatCluster

In 2025, ransomware groups Medusa and DragonForce targeted UK organizations by exploiting vulnerabilities in the SimpleHelp Remote Monitoring and Management platform. They leveraged three critical vulnerabilities (CVE-2024-57726, CVE-2024-57727, CVE-2024-57728) to gain unauthorized access through trusted third-party vendors and Managed Service Providers.

ThreatCluster AI

Community

Browse all →