Josh Taylor, Lead Security Analyst at Fortra, authored a recent opinion article for CSO examining why developer workstations have become a top target for attackers.

Tyler Reguly, Associate Director of Security R&D at Fortra, was featured in a recent Dark Reading article examining Microsoft’s April 2026 Patch Tuesday update.

Fortra was included in a 2026 industry roundup published by National Cyber Security, which evaluated the Top 10 Best Digital Risk Protection (DRP) Platforms. Fortra’s PhishLabs Digital Risk Protection was recognized for its strength in phishing detection and takedown services, analyst‑driven intelligence, and protection against social engineering and fraud. The piece positions PhishLabs as a...

Fortra expert John Wilson was mentioned in a recent episode of The Financial Journey podcast focused on tax scams targeting older Americans

Fortra expert John Wilson, Senior Fellow, Threat Research, wrote this article in eSecurity Planet on the evolution of hybrid vishing.

Moonlock published an in-depth article examining the GhostPoster browser extension campaign, featuring research and expert insight from Daud Jawad, Security Engineer on the Fortra Intelligence and Research Experts (FIRE) team.

Fortra Senior Fellow Threat Researcher John Wilson joined CyberRisk TV during RSAC 2026 to discuss the FIRE team’s new research on Scripted Sparrow, a highly active BEC collective sending millions of targeted scam emails each month.

A recent Forbes article, later picked up by Yahoo Tech, covered Microsoft’s disclosure of CVE-2026-21262, an SQL Server privilege escalation vulnerability that was publicly revealed before a patch was released.

In new research featured by Redmond Magazine, the Fortra Intelligence and Research Experts (FIRE) team uncovered a GitHub-driven vishing campaign abusing legitimate notification emails to impersonate trusted brands.

Ricardo Narvaja’s vulnerability research is featured in Cyber Security News, examining CVE-2026-2636, a denial-of-service flaw in Windows’ Common Log File System driver. The vulnerability allows a low-privileged user to trigger an unrecoverable Blue Screen of Death through a simple proof of concept requiring only two API calls. 

Software and cloud vulnerabilities continue to grow in volume and complexity. In IT Security Wire, Tyler Reguly outlines how organizations can move beyond patching everything and instead focus on prioritization, stakeholder alignment, and asset visibility to reduce fatigue and improve outcomes.

Fortra appears in the Q4 2025 APWG Phishing Activity Trends Report for its analysis of Business Email Compromise activity and attacker behavior. The report shows how anti-phishing tools help track evolving threat patterns at scale. Fortra reviewed thousands of BEC attacks this quarter and found a 136% increase in wire transfer attempts. The average amount requested increased to $50,297. The report...

Ransomware groups are increasingly using AI powered bots to scale negotiations, compress timelines, and pressure incident response teams.

Bob Erdman, Associate VP of R&D at Fortra, is quoted in a recent The Epoch Times feature exploring how personal data accumulates on the darknet, how criminals monetize breach information, and why these underground markets continue to grow despite law enforcement action. Erdman highlights how repeated breach exposures allow attackers to build and trade increasingly complete identity profiles,...

CSO reported on Microsoft’s February 2026 Patch Tuesday release, which addressed 60 vulnerabilities, including six that are new and actively exploited.

Josh Davies was featured in a recent The Register article examining the risks behind the viral AI caricature trend.

The FIRE team uncovered an SEO poisoning marketplace that helps threat actors manipulate search rankings by placing malicious backlinks on compromised but legitimate websites.

Tyler Reguly, Associate Director of Security R&D at Fortra, was quoted in a CSO article examining Microsoft’s January 2026 Patch Tuesday, which includes an actively exploited zero-day and several critical vulnerabilities affecting Windows, Office, and SharePoint.

Josh Taylor examines how hacktivism has shifted from headline-grabbing stunts to something far more complex and harder to spot.

In Security Boulevard, Tyler Reguly explains why the goal of patching every vulnerability is not just unrealistic but counterproductive. Drawing on more than two decades in vulnerability management, he argues that security teams need to stop chasing raw CVE counts and instead focus on risk, context, and asset intelligence to decide what truly matters.Originally published in ​Security Boulevard....