https://www.bleepingcomputer.com/news/security/new-cleo-zero-day-rce-flaw-exploited-in-data-theft-attacks/ > Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks. > The flaw is found in the company's secure file transfer products, Cleo LexiCom, VLTrader, and Harmony, and is a remote code execution flaw tracked as CVE-2023-34362.