Microsoft has linked Storm-1175, a China-based cybercrime group, to zero-day attacks that deploy Medusa ransomware. The group is known for high-velocity attacks that use both n-day and zero-day exploits to compromise targets. Its use of zero-day exploits indicates a sophisticated level of capability, since it can take advantage of previously unknown vulnerabilities before patches can be developed. Microsoft's attribution of these attacks to Storm-1175 therefore signals a significant threat to organizations relying on Microsoft products, because the window for patching vulnerabilities is rapidly diminishing [1]. Assessing exposure to this activity immediately is essential, as the group's ability to exploit zero-day vulnerabilities can lead to severe consequences. For practitioners, the key point is that zero-day activity targeting Microsoft products calls for swift action to evaluate and mitigate risk.
Microsoft links Medusa ransomware affiliate to zero-day attacks
⚠️ Critical Alert
Why This Matters
Zero-day activity targeting Microsoft means patching windows are already closing — assess your exposure immediately.
References
- BleepingComputer. (2026, April 6). Microsoft links Medusa ransomware affiliate to zero-day attacks. BleepingComputer. https://www.bleepingcomputer.com/news/security/microsoft-links-medusa-ransomware-affiliate-to-zero-day-attacks/