The Medusa ransomware has emerged as a significant threat in 2025, targeting over 40 organizations and demanding ransoms ranging from $100,000 to $15 million. Since January 2023, the ransomware has affected more than 400 victims, with a reported 42% increase in attacks from 2023 to 2024. Cybersecurity experts indicate that vulnerabilities in Microsoft Exchange have been a common entry point for these attacks. Additionally, EncryptHub, a malware threat actor, has compromised over 600 organizations, with its operations and attack methods recently exposed by researchers. In a related incident, a data breach at Japanese telecom giant NTT has resulted in the exposure of details from nearly 18,000 companies. Furthermore, the ongoing campaign has infiltrated the Go ecosystem with typosquatted packages that install hidden loader malware, primarily targeting Linux and macOS systems in the financial sector.