MUST READ

U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog

 | 

GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns

 | 

CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025

 | 

Discord discloses third-party breach affecting customer support data

 | 

Oracle patches critical E-Business Suite flaw exploited by Cl0p hackers

 | 

LinkedIn sues ProAPIs for $15K/Month LinkedIn data scraping scheme

 | 

Zimbra users targeted in zero-day exploit using iCalendar attachments

 | 

Reading the ENISA Threat Landscape 2025 report

 | 

Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 65

 | 

Security Affairs newsletter Round 544 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

GreyNoise detects 500% surge in scans targeting Palo Alto Networks portals

 | 

U.S. CISA adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog

 | 

ShinyHunters Launches Data Leak Site: Trinity of Chaos Announces New Ransomware Victims

 | 

ProSpy, ToSpy malware pose as Signal and ToTok to steal data in UAE

 | 

Google warns of Cl0p extortion campaign against Oracle E-Business users

 | 

CERT-UA warns UAC-0245 targets Ukraine with CABINETRAT backdoor

 | 

Allianz Life data breach impacted 1.5 Million people

 | 

Cybercrime group claims to have breached Red Hat 's private GitHub repositories

 | 

China-linked APT Phantom Taurus uses Net-Star malware in espionage campaigns against key sectors

 | 

Fortra GoAnywhere MFT

Pierluigi Paganini September 19, 2025
Fortra addressed a maximum severity flaw in GoAnywhere MFT software

Fortra addressed a critical flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands. Fortra addressed a critical vulnerability, tracked as CVE-2025-10035 (CVSS score of 10.0) in GoAnywhere Managed File Transfer (MFT) software. Fortra GoAnywhere Managed File Transfer is a comprehensive solution for secure file transfer, data encryption, […]

Pierluigi Paganini January 24, 2024
Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204

Researchers released PoC exploit code for a recently disclosed critical authentication bypass flaw in Fortra’s GoAnywhere MFT (Managed File Transfer). Researchers with cybersecurity firm Horizon3’s Attack Team published technical details of the recently disclosed vulnerability CVE-2024-0204 impacting Fortra GoAnywhere MFT. The security experts also published a proof-of-concept (PoC) exploit that allows the creation of new admin users on vulnerable […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog

Hacking / October 07, 2025

GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns

Hacking / October 07, 2025

CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025

Cyber Crime / October 07, 2025

Discord discloses third-party breach affecting customer support data

Data Breach / October 06, 2025

Oracle patches critical E-Business Suite flaw exploited by Cl0p hackers

Security / October 06, 2025