Critical ArcGIS Account Recovery Targeted in Active Attacks

SecurityOnline.info reports that cybercriminals are actively exploiting ArcGIS Account Recovery workflows by targeting enabled built-in accounts and weak recovery questions to bypass MFA and obtain full account control; Esri confirms current targeted attempts and recommends administrators disable built-in Portal and Server accounts, ensure strong recovery configurations, implement SMTP for password resets, and prepare for an imminent vendor patch.