Progress Software rushed to deploy a fresh patch to MOVEit Transfer users overnight Thursday following the discovery of a new SQL injection vulnerability affecting the file transfer solution. It was the second MOVEit Transfer patch issued within a week that also saw the start of extortion attempts against some victims of last month’s zero-day attacks targeting a large number of MOVEit users.
Source: SC Magazine