Fortra® Security & Trust Center

Blog

What Can the AI Work Caricature Trend Teach Us About the Risks of Shadow AI?

By Josh Davies on Wed, 02/11/2026
The viral AI work caricature trend on Instagram is prompting users to generate job‑based AI images, unintentionally exposing sensitive personal and professional information. This activity highlights how easily threat actors can identify potential targets, exploit publicly shared details, and attempt LLM account takeovers or prompt‑based data extraction. The trend underscores broader risks of shadow AI, including the leakage of proprietary or sensitive data when employees use public LLMs. Organizations are encouraged to strengthen AI governance, monitor for compromised credentials, and deploy data‑security tools to prevent unauthorized access and disclosure.
Patch Tuesday Analysis
Blog

February 2026 Patch Tuesday Analysis

By Tyler Reguly on Tue, 02/10/2026
Today’s Patch Tuesday Alert addresses Microsoft’s February 2026 Security Updates. The FIRE team is actively working on coverage for these vulnerabilities and expect to ship that coverage as soon as it is completed.
Vulnerability Management
Blog

SEO Poisoning Marketplace Topping Search Results, Impersonating Top Financial Institutions

By Kyle Skwirsk on Mon, 01/26/2026
Introduction to the HaxorSEO MarketplaceFortra Intelligence and Research Experts (FIRE) have uncovered a group of active malicious threat actors operating since 2020. The group refers to themselves as Haxor, a slang word for hackers, and their marketplace as HxSEO, or HaxorSEO. HxSEO has established its primary base of operations and marketplace on Telegram and WhatsApp. HxSEO stands out for...
phishing-hook
Blog

BEC Global Insights Report: December 2025

By JT Newby on Fri, 01/16/2026
This report from Fortra Intelligence & Research Experts (FIRE) outlines key BEC trends for December 2025 based on active defense engagements. Findings include a 1% increase in overall attack volume compared to November, with gift cards as the leading cash-out method (52.8%) and Apple Store cards being most requested (50%).
Patch Tuesday Analysis
Blog

January 2026 Patch Tuesday Analysis

By Tyler Reguly on Tue, 01/13/2026
Today’s Patch Tuesday Alert addresses Microsoft’s January 2026 Security Updates. The FIRE team is actively working on coverage for these vulnerabilities and expect to ship that coverage as soon as it is completed.
Threat Research & Intelligence
Vulnerability Management
ai-threats
Blog

Top Five AI Threats to Watch Out For

By Cybersecurity Experts at Fortra on Mon, 01/12/2026
AI threats can be plentiful and widespread. This blog breaks through the noise by identifying the top five riskiest AI threats to pay attention to this year. Fortra’s threat research breaks down what these threats are, how they are carried out by threat actors, and the risks they pose to all organizations regardless of size or industry.
Security Advisory

Weak Password Hash in Core Privileged Access Manager (BoKS)

Tue, 12/16/2025
Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain.
FI-2025-014
Medium
CVE-2025-13532
Patch Tuesday Analysis
Vulnerability Research

December 2025 Patch Tuesday Analysis

By Tyler Reguly on Tue, 12/09/2025
Today’s Patch Tuesday Alert addresses Microsoft’s December 2025 Security Updates. The FIRE team is actively working on coverage for these vulnerabilities and expect to ship that coverage as soon as it is completed.
Threat Research & Intelligence