A new Aiohttp vulnerability has been discovered, which the threat actor ShadowSyndicate exploits. Aiohttp is an asynchronous HTTP client/server framework that has extensive capabilities and flexibility to make aiohttp perform various asynchronous tasks. The ShadowSyndicate threat actor operates as a Ransomware-as-a-Service affiliate and has been active since July 2022.
Source: GBHackers