Attackers are exploiting a vulnerability (CVE-2024-50623) in file transfer software by Cleo – LexiCo, VLTransfer, and Harmony – to gain access to organizations’ systems, Huntress researchers warned on Monday. “We’ve discovered at least 10 businesses whose Cleo servers were compromised with a notable uptick in exploitation observed on December 8 around 07:00 UTC. After some initial analysis, however, we have found evidence of exploitation as early as December 3,” they shared, and noted that there … More

The post Attackers actively exploiting flaw(s) in Cleo file transfer software (CVE-2024-50623) appeared first on Help Net Security.