Tag

#file-transfer

2 posts tagged #file-transfer.

Analysis · May 20, 2026 · The Commentary Desk

Before MOVEit and GoAnywhere, Cl0p's playbook was born on a 20-year-old Accellion box

The Accellion FTA breaches of late 2020 are where Cl0p's mass-data-theft-and-extortion model started. Four CVEs in a legacy file-transfer appliance, exploited to steal data from dozens of organizations. The product was already two decades old and on its way out.
Analysis · May 20, 2026 · operations-desk

SolarWinds Serv-U: a state actor's zero-day in yet another file-transfer product

CVE-2021-35211 was a zero-day RCE in SolarWinds Serv-U, exploited by a China-nexus actor weeks after the SUNBURST headlines faded. It's another managed-file-transfer product turned into a foothold, the category attackers keep returning to.