Researchers at FortiGuard Labs are aware of a critical zero-day SQL injection vulnerability in the MOVEit Secure Managed File Transfer software (CVE-2023-34362) allegedly exploited by the Cl0p ransomware threat actor. High-profile government, finance, media, aviation, and healthcare organizations have reportedly been affected, with data exfiltrated and stolen.
Due to its severity, US CISA released an advisory for the vulnerability on 1 June 2023. They also updated the Known Exploited Vulnerabil
