CSOonline

Attackers exploit zero-day RCE flaw in Cleo managed file transfer

The exploit takes advantage of a known file upload vulnerability that was not efficiently patched and can still be exploited in up-to-date versions of Cleo LexiCom, VLTrader and Harmony products.
Infosecurity-magazine.com

Zero Day in Cleo File Transfer Software Exploited En Masse

Security researchers have warned customers of the popular file transfer software vendor Cleo that a zero-day vulnerability is currently being exploited in the wild to steal their data. Security vendor ...
The National Law Review

Patch, Investigate, and Defend: Critical and High Vulnerabilities in Cleo Managed File Transfer Solutions Reportedly Under Attack

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...
Dark Reading

Cleo MFT Zero-Day Exploits Are About to Escalate, Analysts Warn

An active ransomware campaign against the Cleo managed file transfer tool is about to ramp up now that a proof-of-concept exploit for a zero-day flaw in the software has become publicly available.
CRN

5 Things To Know On The Cleo Data Theft Attacks

The cybercriminal group Clop — previously responsible for the widely felt MOVEit data theft attacks of 2023 — has reportedly claimed responsibility for the recent attacks exploiting Cleo file transfer ...
Dark Reading

Hertz Falls Victim to Cleo Zero-Day Attacks

Rental car giant Hertz Corp. confirmed that some of its customers' data was stolen during a wave of attacks against two zero-day vulnerabilities last year. Hertz said the data was stolen when a threat ...