Fortra
-
Microsoft links Storm-1175 to zero-day exploitation of GoAnywhere MFT
Microsoft said the criminal group Storm-1175 exploited a zero-day in Fortra’s GoAnywhere MFT to gain remote code execution, deploy monitoring tools, steal data with Rclone and install Medusa ransomware, with activity observed as early as Sept. 11; CISA and other researchers have also reported active exploitation.
-
Fortra patches critical GoAnywhere MFT flaw; admins urged to restrict internet exposure of Admin Console
Fortra has issued patches for a critical GoAnywhere MFT vulnerability (CVE-2025-10035) that could enable remote command injection via deserialization. The company urges administrators to secure Admin Console access and apply the latest updates, as Shadowserver tracks hundreds of GoAnywhere instances and exposure continues to be a concern.
