Hackers Strike Early: Fortra GoAnywhere Exploit Unleashed Before Public Warning
Hackers made an early debut exploiting the Fortra GoAnywhere flaw CVE-2025-10035, striking a week before anyone sounded the alarm. With 20,000 internet-facing instances, including some at Fortune 500 companies, this deserialization vulnerability was a ticking time bomb, and the hackers didn’t wait for an invitation.

Hot Take:
Someone call the fashion police because it seems like Fortra GoAnywhere MFT was caught wearing its vulnerabilities out in public before they even hit the runway. Hackers were quick to snatch this security flaw like it was the last pair of designer shoes on sale, and they did it all before the catwalk debut (a.k.a. public disclosure). Who knew cybersecurity could be so chic yet terrifyingly precarious?

Key Points:
– Hackers exploited Fortra GoAnywhere MFT flaw CVE-2025-10035 on September 10, 2025, before it was publicly disclosed.
– The flaw is a deserialization vulnerability that allows command execution on affected systems.
– Fortra released a patch on September 18, 2025, and advises restricting public access to mitigate risks.
– The flaw involves a chain of three bugs, not just a single deserialization issue.
– Rapid7 found over 20,000 affected instances, including those in Fortune 500 companies.