Storm-1175 actors are running up-tempo campaigns to deliver Medusa ransomware, putting pressure on organizations to patch critical vulnerabilities faster. 

In a blog post on Monday, Microsoft Threat Intelligence detailed how Storm-1175, a financially motivated cybercrime group, is conducting "high velocity ransomware campaigns" that typically exploit known vulnerabilities in the sweet spot for threat actors: the time between a vulnerability's initial disclosure and the widespread adoption of the patch. Microsoft also tied the exploitation of several zero-day vulnerabilities to the group. More here