Get the latest updates!

Subscribe to our Newsletter

Stay up to date with Ridge Security news and products.

Fortra GoAnywhere MFT: Deserialization Flaw Opens the Door to Remote Code Execution (CVE-2025-10035)

by Dr. Yunfei Ge | Oct 14, 2025 | What do recent CVEs reveal about the most common mistakes in vulnerability management?, What lessons can we learn from recent cases like the Salesforce token abuse or Fortra GoAnywhere CVEs?

In September 2025, security researchers warned of CVE-2025-10035, a critical remote code execution flaw in Fortra’s GoAnywhere Managed File Transfer (MFT) platform. Rated CVSS 10.0, the vulnerability allows attackers to take full control of affected systems without...

Threat Analysis: Unpacking the “ToolShell” Zero-Day in Microsoft SharePoint

by Vincent Qi | Aug 13, 2025

In July 2025, multiple critical vulnerabilities collectively known as “ToolShell” and tracked as...

Automating Infrastructure Workflows for AI Security

by William Qiao | Aug 11, 2025

In the rapidly evolving field of AI-powered cybersecurity, efficient infrastructure management is...

Citrix NetScaler Out-of-Bounds Memory Read Vulnerability CVE-2025-5777

by Yichen Liu | Aug 4, 2025

Citrix NetScaler is a networking product that optimizes, secures, and controls the delivery of...

How LLMs Help Penetration Testers Exploit Systems with First-Principles Thinking

by Colby Watts | Jul 28, 2025

As cybersecurity teams strive to keep up with evolving threats, it's easy to fall into reactive...

The First Principles of Penetration Testing

by Yvonne Ye | Jul 23, 2025

As cybersecurity teams strive to keep up with evolving threats, it's easy to fall into reactive...

Defending the Next Frontier of AI Infrastructure Threats — MCP Security — with RidgeBot

by Oliver Xu | Jul 16, 2025

As generative AI evolves from chatbots to autonomous agents, a new integration standard is...

« Older Entries

Next Entries »