MUST READ

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

FBI alerts public to spoofed IC3 site used in fraud schemes

 | 

EU agency ENISA says ransomware attack behind airport disruptions

 | 

Fortra

Pierluigi Paganini September 26, 2025
Hackers exploit Fortra GoAnywhere flaw before public alert

watchTowr Labs says hackers exploited the Fortra GoAnywhere MFT flaw CVE-2025-10035 on Sept 10, 2025, a week before public disclosure. Cybersecurity firm watchTowr Labs revealed that it has ‘credible evidence’ that the critical Fortra GoAnywhere MFT flaw CVE-2025-10035 was actively exploited in attacks in the wild as early as September 10, 2025, a week before […]

Pierluigi Paganini September 19, 2025
Fortra addressed a maximum severity flaw in GoAnywhere MFT software

Fortra addressed a critical flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands. Fortra addressed a critical vulnerability, tracked as CVE-2025-10035 (CVSS score of 10.0) in GoAnywhere Managed File Transfer (MFT) software. Fortra GoAnywhere Managed File Transfer is a comprehensive solution for secure file transfer, data encryption, […]

Pierluigi Paganini August 30, 2024
Fortra fixed two severe issues in FileCatalyst Workflow, including a critical flaw

Cybersecurity and automation company Fortra addressed two vulnerabilities in FileCatalyst Workflow software, including a critical-severity flaw. Cybersecurity and automation company Fortra released patches for two vulnerabilities in FileCatalyst Workflow. Once of the vulnerabilities is a critical issue, tracked as CVE-2024-6633 (CVSS score of 9.8) described as Insecure Default in FileCatalyst Workflow Setup. The flaw impacts […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Malware / September 26, 2025

Hackers exploit Fortra GoAnywhere flaw before public alert

Hacking / September 26, 2025

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Hacking / September 26, 2025

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

Malware / September 26, 2025

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

Hacking / September 25, 2025