Multiple researchers last week spotlighted the exploitation of CVE-2024-55591 and CVE-2025-24472 by a new ransomware group called Mora_001. The Cybersecurity and Infrastructure Security Agency (CISA) ...

Security researchers say that a threat actor it calls Mora_001 has ‘close ties’ to the Russia-linked hacking group ...

In a report published last week, security researchers at Forescout Research said a group it’s tracking dubbed “Mora_001” is exploiting the Fortinet firewalls, which sit on the edge of a ...

Forescout named the group running the attacks “Mora_001”. Since there are some overlaps in its tactics, techniques, and procedures (TTP) with LockBit, the researchers believe the group could ...

On March 12, Forescout revealed that Mora_001, a ransomware group with connections to LockBit, was exploiting CVE-2025-24472 alongside CVE-2024-55591, another Fortinet vulnerability, when deploying a ...