MedusaLocker Ransomware – Active IOCs

May 1, 2025

CVE-2025-29953 – Apache ActiveMQ Vulnerability

May 1, 2025

Multiple Microsoft Azure Vulnerabilities

May 1, 2025

Severity

High

Analysis Summary

CVE-2025-33074 CVSS:7.5

Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network.

CVE-2025-30390 CVSS:9.9

Improper authorization in Azure allows an authorized attacker to elevate privileges over a network.

Impact

Code Execution
Privilege Escalation

Indicators of Compromise

CVE

CVE-2025-33074
CVE-2025-30390

Affected Vendors

Microsoft

Affected Products

Microsoft Azure Machine Learning
Microsoft Azure Functions

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2025-33074

CVE-2025-30390

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Patchwork APT Group – Active IOCs

VS Code in Browser Exposes Sessions

Multiple F5 BIG-IP Products Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

MedusaLocker Ransomware – Active IOCs

CVE-2025-29953 – Apache ActiveMQ Vulnerability

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.