-
Microsoft: Critical GoAnywhere bug exploited in ransomware attacks
A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware attacks for nearly a month.
- October 06, 2025
- 02:11 PM
0
-
Maximum severity GoAnywhere MFT flaw exploited as zero day
Hackers are actively exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT that allows injecting commands remotely without authentication.
- September 26, 2025
- 09:50 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Fortra warns of max severity flaw in GoAnywhere MFT’s License Servlet
Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT's License Servlet that can be exploited in command injection attacks.
- September 19, 2025
- 10:20 AM
- 0
-
Fortra fixes critical FileCatalyst Workflow hardcoded password issue
Fortra is warning of a critical hardcoded password flaw in FileCatalyst Workflow that could allow attackers unauthorized access to an internal database to steal data and gain administrator privileges.
- August 28, 2024
- 12:59 PM
- 0
-
Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released
The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database.
- June 26, 2024
- 12:56 PM
- 0
-
Exploit released for Fortra GoAnywhere MFT auth bypass bug
Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal.
- January 23, 2024
- 06:16 PM
- 0
-
Fortra warns of new critical GoAnywhere MFT auth bypass, patch now
Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows an attacker to create a new admin user.
- January 23, 2024
- 10:41 AM
- 0
-
Brightline data breach impacts 783K pediatric mental health patients
Pediatric mental health provider Brightline is warning patients that it suffered a data breach impacting 783,606 people after a ransomware gang stole data using a zero-day vulnerability in its Fortra GoAnywhere MFT secure file-sharing platform.
- May 03, 2023
- 10:33 AM
- 2
-
Fortra shares findings on GoAnywhere MFT zero-day attacks
Fortra has completed its investigation into the exploitation of CVE-2023-0669, a zero-day flaw in the GoAnywhere MFT solution that the Clop ransomware gang exploited to steal data from over a hundred companies.
- April 19, 2023
- 03:06 PM
- 1
-
Microsoft and Fortra crack down on malicious Cobalt Strike servers
Microsoft, Fortra, and the Health Information Sharing and Analysis Center (Health-ISAC) have announced a broad legal crackdown against servers hosting cracked copies of Cobalt Strike, one of the primary hacking tools used by cybercriminals.
- April 06, 2023
- 01:04 PM
- 0
-
Crown Resorts confirms ransom demand after GoAnywhere breach
Crown Resorts, Australia's largest gambling and entertainment company, has confirmed that it suffered a data breach after its GoAnywhere secure file-sharing server was breached using a zero-day vulnerability.
- March 28, 2023
- 12:26 PM
- 0
-
Procter & Gamble confirms data theft via GoAnywhere zero-day
Consumer goods giant Procter & Gamble has confirmed a data breach affecting an undisclosed number of employees after its GoAnywhere MFT secure file-sharing platform was compromised in early February.
- March 24, 2023
- 01:54 PM
- 0
-
Clop ransomware claims Saks Fifth Avenue, retailer says mock data stolen
The Clop ransomware gang claims to have attacked Saks Fifth Avenue on its dark web leak site. Saks admits the incident is linked to the ongoing GoAnywhere MFT software exploits but states that no real customer data was stolen.
- March 21, 2023
- 05:25 AM
- 1
-
Hitachi Energy confirms data breach after Clop GoAnywhere attacks
Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a GoAnyway zero-day vulnerability.
- March 17, 2023
- 12:20 PM
- 0
-
Rubrik confirms data theft in GoAnywhere zero-day attack
Cybersecurity company Rubrik has confirmed that its data was stolen using a zero-day vulnerability in the Fortra GoAnywhere secure file transfer platform.
- March 14, 2023
- 04:43 PM
- 0
-
Clop ransomware gang begins extorting GoAnywhere zero-day victims
The Clop ransomware gang has begun extorting companies whose data was stolen using a zero-day vulnerability in the Fortra GoAnywhere MFT secure file-sharing solution.
- March 11, 2023
- 02:36 PM
- 0
-
Hatch Bank discloses data breach after GoAnywhere MFT hack
Fintech banking platform Hatch Bank has reported a data breach after hackers stole the personal information of almost 140,000 customers from the company's Fortra GoAnywhere MFT secure file-sharing platform.
- March 02, 2023
- 02:33 PM
- 0
-
Healthcare giant CHS reports first data breach in GoAnywhere hacks
Community Health Systems (CHS) says it was impacted by a recent wave of attacks targeting a zero-day vulnerability in Fortra's GoAnywhere MFT secure file transfer platform.
- February 14, 2023
- 11:26 AM
- 0
-
Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day
The Clop ransomware gang claims to be behind recent attacks that exploited a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, saying they stole data from over 130 organizations.
- February 10, 2023
- 03:15 PM
- 0
-
Actively exploited GoAnywhere MFT zero-day gets emergency patch
Fortra has released an emergency patch to address an actively exploited zero-day vulnerability in the GoAnywhere MFT secure file transfer tool.
- February 07, 2023
- 03:37 AM
- 0
0
- 1
- 2
