Alexander Culafi reports:
Illinois, Minnesota and Missouri state governments are among a growing list of organizations attacked via a critical flaw in Progress Software’s MoveIT Transfer product.
Progress Software on May 31 detailed an SQL injection bug in its managed file transfer (MFT) software MoveIt Transfer. Progress urged customers to immediately apply mitigations for the vulnerability, tracked as CVE-2023-34362, while it worked on a patch, which was released later that day. But as security vendors reported soon after, the critical bug was already under active exploitation in the wild.
A wave of organizations have disclosed data breaches in the wake of CVE-2023-34362 coming to light.
Read more at TechTarget.