Get the latest updates!

Dr. Yunfei Ge

Fortra GoAnywhere MFT: Deserialization Flaw Opens the Door to Remote Code Execution (CVE-2025-10035)

Fortra GoAnywhere MFT: Deserialization Flaw Opens the Door to Remote Code Execution (CVE-2025-10035)

by Dr. Yunfei Ge | Oct 14, 2025 | What do recent CVEs reveal about the most common mistakes in vulnerability management?, What lessons can we learn from recent cases like the Salesforce token abuse or Fortra GoAnywhere CVEs?

In September 2025, security researchers warned of CVE-2025-10035, a critical remote code execution flaw in Fortra’s GoAnywhere Managed File Transfer (MFT) platform. Rated CVSS 10.0, the vulnerability allows attackers to take full control of affected systems without...

When API Tokens Go Wrong: Lessons from the Salesforce Breach

When API Tokens Go Wrong: Lessons from the Salesforce Breach

by Dr. Yunfei Ge | Sep 22, 2025

Background The Salesforce breach occurred when attackers obtained OAuth tokens through...

Strengthening Web API Security: Unlocking the Power of Web API Testing with RidgeBot 5.0

by Dr. Yunfei Ge | Oct 11, 2024

https://open.spotify.com/episode/2Jh5dDXAi90kSu7oljyq39?si=11cb90e0e3754493 API security is a...

Recent Posts

Category Tags