-
Microsoft: Critical GoAnywhere bug exploited in ransomware attacks
A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware attacks for nearly a month.
- October 06, 2025
- 02:11 PM
0
-
Maximum severity GoAnywhere MFT flaw exploited as zero day
Hackers are actively exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT that allows injecting commands remotely without authentication.
- September 26, 2025
- 09:50 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Fortra warns of max severity flaw in GoAnywhere MFT’s License Servlet
Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT's License Servlet that can be exploited in command injection attacks.
- September 19, 2025
- 10:20 AM
- 0
-
Exploit released for Fortra GoAnywhere MFT auth bypass bug
Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal.
- January 23, 2024
- 06:16 PM
- 0
-
Fortra warns of new critical GoAnywhere MFT auth bypass, patch now
Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows an attacker to create a new admin user.
- January 23, 2024
- 10:41 AM
- 0
-
Brightline data breach impacts 783K pediatric mental health patients
Pediatric mental health provider Brightline is warning patients that it suffered a data breach impacting 783,606 people after a ransomware gang stole data using a zero-day vulnerability in its Fortra GoAnywhere MFT secure file-sharing platform.
- May 03, 2023
- 10:33 AM
- 2
-
Fortra shares findings on GoAnywhere MFT zero-day attacks
Fortra has completed its investigation into the exploitation of CVE-2023-0669, a zero-day flaw in the GoAnywhere MFT solution that the Clop ransomware gang exploited to steal data from over a hundred companies.
- April 19, 2023
- 03:06 PM
- 1
-
Crown Resorts confirms ransom demand after GoAnywhere breach
Crown Resorts, Australia's largest gambling and entertainment company, has confirmed that it suffered a data breach after its GoAnywhere secure file-sharing server was breached using a zero-day vulnerability.
- March 28, 2023
- 12:26 PM
- 0
-
Procter & Gamble confirms data theft via GoAnywhere zero-day
Consumer goods giant Procter & Gamble has confirmed a data breach affecting an undisclosed number of employees after its GoAnywhere MFT secure file-sharing platform was compromised in early February.
- March 24, 2023
- 01:54 PM
- 0
-
Clop ransomware claims Saks Fifth Avenue, retailer says mock data stolen
The Clop ransomware gang claims to have attacked Saks Fifth Avenue on its dark web leak site. Saks admits the incident is linked to the ongoing GoAnywhere MFT software exploits but states that no real customer data was stolen.
- March 21, 2023
- 05:25 AM
- 1
-
The Week in Ransomware - March 17th 2023 - Shifting to data extortion
The fallout from the Clop ransomware attacks on GoAnywhere platforms has become apparent this week, with the threat actors starting to extort victims on their data leak site and companies confirming breaches.
- March 17, 2023
- 07:01 PM
- 1
-
Hitachi Energy confirms data breach after Clop GoAnywhere attacks
Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a GoAnyway zero-day vulnerability.
- March 17, 2023
- 12:20 PM
- 0
-
Rubrik confirms data theft in GoAnywhere zero-day attack
Cybersecurity company Rubrik has confirmed that its data was stolen using a zero-day vulnerability in the Fortra GoAnywhere secure file transfer platform.
- March 14, 2023
- 04:43 PM
- 0
-
Clop ransomware gang begins extorting GoAnywhere zero-day victims
The Clop ransomware gang has begun extorting companies whose data was stolen using a zero-day vulnerability in the Fortra GoAnywhere MFT secure file-sharing solution.
- March 11, 2023
- 02:36 PM
- 0
-
Hatch Bank discloses data breach after GoAnywhere MFT hack
Fintech banking platform Hatch Bank has reported a data breach after hackers stole the personal information of almost 140,000 customers from the company's Fortra GoAnywhere MFT secure file-sharing platform.
- March 02, 2023
- 02:33 PM
- 0
-
Healthcare giant CHS reports first data breach in GoAnywhere hacks
Community Health Systems (CHS) says it was impacted by a recent wave of attacks targeting a zero-day vulnerability in Fortra's GoAnywhere MFT secure file transfer platform.
- February 14, 2023
- 11:26 AM
- 0
-
Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day
The Clop ransomware gang claims to be behind recent attacks that exploited a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, saying they stole data from over 130 organizations.
- February 10, 2023
- 03:15 PM
- 0
-
Actively exploited GoAnywhere MFT zero-day gets emergency patch
Fortra has released an emergency patch to address an actively exploited zero-day vulnerability in the GoAnywhere MFT secure file transfer tool.
- February 07, 2023
- 03:37 AM
- 0
-
Exploit released for actively exploited GoAnywhere MFT zero-day
Exploit code has been released for an actively exploited zero-day vulnerability affecting Internet-exposed GoAnywhere MFT administrator consoles.
- February 06, 2023
- 06:22 PM
- 0
-
GoAnywhere MFT zero-day vulnerability lets hackers breach servers
The developers of the GoAnywhere MFT file transfer solution are warning customers of zero-day remote code execution vulnerability on exposed administrator consoles.
- February 03, 2023
- 11:39 AM
- 0
0
