{"id":85894,"date":"2024-12-10T17:04:47","date_gmt":"2024-12-10T17:04:47","guid":{"rendered":"https:\/\/cybersecuritynews.com\/?p=85894"},"modified":"2024-12-23T07:47:49","modified_gmt":"2024-12-23T07:47:49","slug":"cleo-zero-day-rce-vulnerability","status":"publish","type":"post","link":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/","title":{"rendered":"Cleo Zero-Day RCE Vulnerability Actively Exploited in the Wild"},"content":{"rendered":"\n<p>A critical zero-day vulnerability (CVE-2024-50623) in Cleo\u2019s file transfer products Harmony, VLTrader, and LexiComis being actively exploited by threat actors, cybersecurity researchers have warned. <\/p>\n\n\n\n<p>The vulnerability, caused by unrestricted file upload and download, allows unauthenticated remote code execution (RCE), which poses a significant risk to businesses that rely on Cleo&#8217;s software for secure file transfers.<\/p>\n\n\n\n<p>Initially disclosed in October 2024, Cleo released patch version 5.8.0.21 to address the vulnerability. However, researchers from Huntress discovered that this patch failed to mitigate the issue fully.<\/p>\n\n\n\n<p>Exploitation of the vulnerability began as early as December 3, 2024, with a sharp increase in attacks observed on December 8. The attackers leverage the flaw to place malicious files in the &#8220;autorun&#8221; directory of Cleo installations, enabling arbitrary code execution via embedded PowerShell commands or other scripts.<\/p>\n\n\n\n<p>The exploitation has targeted at least 10 businesses across industries such as consumer products, logistics, and food supply. Notably, Huntress <a href=\"https:\/\/www.huntress.com\/blog\/threat-advisory-oh-no-cleo-cleo-software-actively-being-exploited-in-the-wild\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">detected<\/a> over 1,700 vulnerable Cleo servers under its monitoring, suggesting a broader scope of potential compromise.<\/p>\n\n\n\n<p class=\"has-text-align-center has-background\" style=\"background:linear-gradient(180deg,rgb(238,238,238) 92%,rgb(169,184,195) 100%)\"><strong>Leveraging 2024 MITRE ATT&amp;CK Results for SME &amp; MSP Cybersecurity Leaders \u2013&nbsp;<a href=\"https:\/\/go.cynet.com\/mitre_2024?utm_source=cyber_security_news&amp;utm_medium=social&amp;utm_campaign=Q4-sponsored-content&amp;utm_content=MITREATT&amp;CK2024\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Attend Free&nbsp;Webinar<\/a><\/strong><\/p>\n\n\n\n<p>The vulnerability affects all versions of Cleo Harmony, VLTrader, and LexiCom prior to and including version 5.8.0.21. Even systems updated to this patch remain exploitable due to incomplete remediation.<\/p>\n\n\n\n<p><a href=\"https:\/\/cyberplace.social\/@GossiTheDog\/113628339890303857\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">According to<\/a> Kevin Beaumont, Termite ransomware group operators exploit the vulnerability to deploy ransomware.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-observed-attack-techniques\"><strong>Observed Attack Techniques<\/strong><\/h3>\n\n\n\n<p>Threat actors exploit the vulnerability by:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Uploading malicious files into the &#8220;autorun&#8221; directory.<\/li>\n\n\n\n<li>Leveraging these files to execute embedded commands, such as PowerShell scripts.<\/li>\n\n\n\n<li>Establishing persistence through backdoor mechanisms.<\/li>\n\n\n\n<li>Conducting reconnaissance activities within compromised networks.<\/li>\n<\/ul>\n\n\n\n<p>Indicators of compromise include suspicious XML files in installation directories (e.g., <code>hosts\/main.xml<\/code>) and logs showing unauthorized file imports or PowerShell execution.<\/p>\n\n\n\n<p>Cleo has <a href=\"https:\/\/support.cleo.com\/hc\/en-us\/articles\/27140294267799-Cleo-Product-Security-Advisory-CVE-2024-50623\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">urged customers<\/a> to upgrade to version 5.8.0.21 immediately while acknowledging its limitations. A new patch is expected later this week to fully address the vulnerability. In the interim, organizations are advised to:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Move internet-exposed Cleo systems behind a firewall.<\/li>\n\n\n\n<li>Disable the &#8220;autorun&#8221; feature within Cleo software by navigating to <em>Configure &gt; Options &gt; Other Pane<\/em> and clearing the &#8220;Autorun Directory&#8221; field.<\/li>\n\n\n\n<li>Monitor installation directories for suspicious files or unauthorized changes.<\/li>\n\n\n\n<li>Block known malicious IP addresses linked to these attacks.<\/li>\n\n\n\n<li><\/li>\n<\/ul>\n\n\n\n<p>This incident underscores growing threats against managed file transfer (MFT) tools, reminiscent of past high-profile exploits like the MOVEit campaign. Attackers increasingly target enterprise software handling sensitive data transfer processes, exploiting vulnerabilities to breach corporate networks and exfiltrate data.<\/p>\n\n\n\n<p>Organizations using Cleo\u2019s products must act swiftly to implement mitigations and monitor for signs of compromise while awaiting a comprehensive patch from Cleo.<\/p>\n\n\n\n<p class=\"has-text-align-center has-background\" style=\"background:linear-gradient(180deg,rgb(238,238,238) 95%,rgb(169,184,195) 100%)\"><strong><strong><code><strong><code><strong><code><strong><code><strong>Investigate Real-World Malicious Links,Malware &amp; Phishing Attacks With ANY.RUN -&nbsp;<\/strong><a href=\"https:\/\/app.any.run\/?utm_source=li_csn&amp;utm_medium=post&amp;utm_campaign=promo&amp;utm_content=service&amp;utm_term=091224\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Try for Free<\/a><\/code><\/strong><\/code><\/strong><\/code><\/strong><\/code><\/strong><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A critical zero-day vulnerability (CVE-2024-50623) in Cleo\u2019s file transfer products Harmony, VLTrader, and LexiComis being actively exploited by threat actors, cybersecurity researchers have warned. The vulnerability, caused by unrestricted file upload and download, allows unauthenticated remote code execution (RCE), which poses a significant risk to businesses that rely on Cleo&#8217;s software for secure file transfers. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":85898,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiNcOC_YWMQ8Cqol-pw2NL8-P3uaYk31WGikeX6uRjuy9sEFRWe0yLEWwZIcn2TX6aFkk8vT0lBnEGypqjD5dkulICdVYCcjKk8kg5RyDKS5APDTBsZ0j98-F-8uUdV9NpGzqbQXCP_xCYJG29ZqTzsiRIPj4BL3hYeGUvETJ5jw_uoGUre9Pwcdq9opUZY\/s16000\/Cleo%20Zero-Day%20RCE%20Vulnerability%20Actively%20Exploited%20in%20the%20Wild.webp","fifu_image_alt":"Cleo Zero-Day RCE Vulnerability Actively Exploited in the Wild","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2741,2725,11],"tags":[149,151,416],"class_list":{"0":"post-85894","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-computer-security-news","8":"category-cyber-news","9":"category-cyber-security-news","10":"tag-cyber-security","11":"tag-cyber-security-news","12":"tag-vulnerability"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v25.7.1 (Yoast SEO v25.7) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cleo Zero-Day RCE Vulnerability Actively Exploited in the Wild<\/title>\n<meta name=\"description\" content=\"A critical zero-day vulnerability (CVE-2024-50623) in Cleo\u2019s file transfer products\u2014Harmony, VLTrader, and LexiComis being actively exploited by threat actors, cybersecurity researchers have warned.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cleo Zero-Day RCE Vulnerability Actively Exploited in the Wild\" \/>\n<meta property=\"og:description\" content=\"A critical zero-day vulnerability (CVE-2024-50623) in Cleo\u2019s file transfer products\u2014Harmony, VLTrader, and LexiComis being actively exploited by threat actors, cybersecurity researchers have warned.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/\" \/>\n<meta property=\"og:site_name\" content=\"Cyber Security News\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Hackingtutorialsandnews\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/guruba008\" \/>\n<meta property=\"article:published_time\" content=\"2024-12-10T17:04:47+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-23T07:47:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiNcOC_YWMQ8Cqol-pw2NL8-P3uaYk31WGikeX6uRjuy9sEFRWe0yLEWwZIcn2TX6aFkk8vT0lBnEGypqjD5dkulICdVYCcjKk8kg5RyDKS5APDTBsZ0j98-F-8uUdV9NpGzqbQXCP_xCYJG29ZqTzsiRIPj4BL3hYeGUvETJ5jw_uoGUre9Pwcdq9opUZY\/s16000\/Cleo%20Zero-Day%20RCE%20Vulnerability%20Actively%20Exploited%20in%20the%20Wild.webp\" \/>\n<meta name=\"author\" content=\"Guru Baran\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiNcOC_YWMQ8Cqol-pw2NL8-P3uaYk31WGikeX6uRjuy9sEFRWe0yLEWwZIcn2TX6aFkk8vT0lBnEGypqjD5dkulICdVYCcjKk8kg5RyDKS5APDTBsZ0j98-F-8uUdV9NpGzqbQXCP_xCYJG29ZqTzsiRIPj4BL3hYeGUvETJ5jw_uoGUre9Pwcdq9opUZY\/s16000\/Cleo%20Zero-Day%20RCE%20Vulnerability%20Actively%20Exploited%20in%20the%20Wild.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@guruba008\" \/>\n<meta name=\"twitter:site\" content=\"@The_Cyber_News\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Guru Baran\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Cleo Zero-Day RCE Vulnerability Actively Exploited in the Wild","description":"A critical zero-day vulnerability (CVE-2024-50623) in Cleo\u2019s file transfer products\u2014Harmony, VLTrader, and LexiComis being actively exploited by threat actors, cybersecurity researchers have warned.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/","og_locale":"en_US","og_type":"article","og_title":"Cleo Zero-Day RCE Vulnerability Actively Exploited in the Wild","og_description":"A critical zero-day vulnerability (CVE-2024-50623) in Cleo\u2019s file transfer products\u2014Harmony, VLTrader, and LexiComis being actively exploited by threat actors, cybersecurity researchers have warned.","og_url":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/","og_site_name":"Cyber Security News","article_publisher":"https:\/\/www.facebook.com\/Hackingtutorialsandnews","article_author":"https:\/\/www.facebook.com\/guruba008","article_published_time":"2024-12-10T17:04:47+00:00","article_modified_time":"2024-12-23T07:47:49+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiNcOC_YWMQ8Cqol-pw2NL8-P3uaYk31WGikeX6uRjuy9sEFRWe0yLEWwZIcn2TX6aFkk8vT0lBnEGypqjD5dkulICdVYCcjKk8kg5RyDKS5APDTBsZ0j98-F-8uUdV9NpGzqbQXCP_xCYJG29ZqTzsiRIPj4BL3hYeGUvETJ5jw_uoGUre9Pwcdq9opUZY\/s16000\/Cleo%20Zero-Day%20RCE%20Vulnerability%20Actively%20Exploited%20in%20the%20Wild.webp","type":"","width":"","height":""}],"author":"Guru Baran","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiNcOC_YWMQ8Cqol-pw2NL8-P3uaYk31WGikeX6uRjuy9sEFRWe0yLEWwZIcn2TX6aFkk8vT0lBnEGypqjD5dkulICdVYCcjKk8kg5RyDKS5APDTBsZ0j98-F-8uUdV9NpGzqbQXCP_xCYJG29ZqTzsiRIPj4BL3hYeGUvETJ5jw_uoGUre9Pwcdq9opUZY\/s16000\/Cleo%20Zero-Day%20RCE%20Vulnerability%20Actively%20Exploited%20in%20the%20Wild.webp","twitter_creator":"@guruba008","twitter_site":"@The_Cyber_News","twitter_misc":{"Written by":"Guru Baran","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/#article","isPartOf":{"@id":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/"},"author":{"name":"Guru Baran","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/f7f138f8fd41a61bb60151da47730026"},"headline":"Cleo Zero-Day RCE Vulnerability Actively Exploited in the Wild","datePublished":"2024-12-10T17:04:47+00:00","dateModified":"2024-12-23T07:47:49+00:00","mainEntityOfPage":{"@id":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/"},"wordCount":433,"publisher":{"@id":"https:\/\/cybersecuritynews.com\/#organization"},"image":{"@id":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/#primaryimage"},"thumbnailUrl":"https:\/\/i2.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiNcOC_YWMQ8Cqol-pw2NL8-P3uaYk31WGikeX6uRjuy9sEFRWe0yLEWwZIcn2TX6aFkk8vT0lBnEGypqjD5dkulICdVYCcjKk8kg5RyDKS5APDTBsZ0j98-F-8uUdV9NpGzqbQXCP_xCYJG29ZqTzsiRIPj4BL3hYeGUvETJ5jw_uoGUre9Pwcdq9opUZY\/s16000\/Cleo%20Zero-Day%20RCE%20Vulnerability%20Actively%20Exploited%20in%20the%20Wild.webp?w=1600&resize=1600,900&ssl=1","keywords":["cyber security","cyber security news","vulnerability"],"articleSection":["Computer Security News","Cyber News","Cyber Security News"],"inLanguage":"en-US","copyrightYear":"2024","copyrightHolder":{"@id":"https:\/\/cybersecuritynews.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/","url":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/","name":"Cleo Zero-Day RCE Vulnerability Actively Exploited in the Wild","isPartOf":{"@id":"https:\/\/cybersecuritynews.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/#primaryimage"},"image":{"@id":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/#primaryimage"},"thumbnailUrl":"https:\/\/i2.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiNcOC_YWMQ8Cqol-pw2NL8-P3uaYk31WGikeX6uRjuy9sEFRWe0yLEWwZIcn2TX6aFkk8vT0lBnEGypqjD5dkulICdVYCcjKk8kg5RyDKS5APDTBsZ0j98-F-8uUdV9NpGzqbQXCP_xCYJG29ZqTzsiRIPj4BL3hYeGUvETJ5jw_uoGUre9Pwcdq9opUZY\/s16000\/Cleo%20Zero-Day%20RCE%20Vulnerability%20Actively%20Exploited%20in%20the%20Wild.webp?w=1600&resize=1600,900&ssl=1","datePublished":"2024-12-10T17:04:47+00:00","dateModified":"2024-12-23T07:47:49+00:00","description":"A critical zero-day vulnerability (CVE-2024-50623) in Cleo\u2019s file transfer products\u2014Harmony, VLTrader, and LexiComis being actively exploited by threat actors, cybersecurity researchers have warned.","breadcrumb":{"@id":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/#primaryimage","url":"https:\/\/i2.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiNcOC_YWMQ8Cqol-pw2NL8-P3uaYk31WGikeX6uRjuy9sEFRWe0yLEWwZIcn2TX6aFkk8vT0lBnEGypqjD5dkulICdVYCcjKk8kg5RyDKS5APDTBsZ0j98-F-8uUdV9NpGzqbQXCP_xCYJG29ZqTzsiRIPj4BL3hYeGUvETJ5jw_uoGUre9Pwcdq9opUZY\/s16000\/Cleo%20Zero-Day%20RCE%20Vulnerability%20Actively%20Exploited%20in%20the%20Wild.webp?w=1600&resize=1600,900&ssl=1","contentUrl":"https:\/\/i2.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiNcOC_YWMQ8Cqol-pw2NL8-P3uaYk31WGikeX6uRjuy9sEFRWe0yLEWwZIcn2TX6aFkk8vT0lBnEGypqjD5dkulICdVYCcjKk8kg5RyDKS5APDTBsZ0j98-F-8uUdV9NpGzqbQXCP_xCYJG29ZqTzsiRIPj4BL3hYeGUvETJ5jw_uoGUre9Pwcdq9opUZY\/s16000\/Cleo%20Zero-Day%20RCE%20Vulnerability%20Actively%20Exploited%20in%20the%20Wild.webp?w=1600&resize=1600,900&ssl=1","width":"1600","height":"900","caption":"Cleo Zero-Day RCE Vulnerability Actively Exploited in the Wild"},{"@type":"BreadcrumbList","@id":"https:\/\/cybersecuritynews.com\/cleo-zero-day-rce-vulnerability\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cybersecuritynews.com\/"},{"@type":"ListItem","position":2,"name":"Cleo Zero-Day RCE Vulnerability Actively Exploited in the Wild"}]},{"@type":"WebSite","@id":"https:\/\/cybersecuritynews.com\/#website","url":"https:\/\/cybersecuritynews.com\/","name":"Cyber Security News","description":"World&#039;s #1 Premier Cybersecurity and Hacking News Portal","publisher":{"@id":"https:\/\/cybersecuritynews.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cybersecuritynews.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/cybersecuritynews.com\/#organization","name":"Cyber Security News","url":"https:\/\/cybersecuritynews.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/logo\/image\/","url":"https:\/\/cybersecuritynews.com\/wp-content\/uploads\/2021\/06\/Cyber-security.jpg","contentUrl":"https:\/\/cybersecuritynews.com\/wp-content\/uploads\/2021\/06\/Cyber-security.jpg","width":200,"height":200,"caption":"Cyber Security News"},"image":{"@id":"https:\/\/cybersecuritynews.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Hackingtutorialsandnews","https:\/\/x.com\/The_Cyber_News","https:\/\/www.linkedin.com\/company\/cybersecurity-news\/"]},{"@type":"Person","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/f7f138f8fd41a61bb60151da47730026","name":"Guru Baran","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/72f86da0bb72b6886d25f0ef0c881daba3a98356bc44f916f8d3a62c9e856579?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/72f86da0bb72b6886d25f0ef0c881daba3a98356bc44f916f8d3a62c9e856579?s=96&d=mm&r=g","caption":"Guru Baran"},"description":"Gurubaran is the Co-Founder and Editor-in-Chief of CyberSecurityNews.com, specializing in vulnerability analysis, malware research, ransomware, and computer forensics.","sameAs":["https:\/\/cybersecuritynews.com","https:\/\/www.facebook.com\/guruba008","https:\/\/www.linkedin.com\/in\/gurubaran-cyberwrites\/","https:\/\/x.com\/guruba008"],"url":"https:\/\/cybersecuritynews.com\/author\/guru\/"}]}},"jetpack_featured_media_url":"https:\/\/i2.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiNcOC_YWMQ8Cqol-pw2NL8-P3uaYk31WGikeX6uRjuy9sEFRWe0yLEWwZIcn2TX6aFkk8vT0lBnEGypqjD5dkulICdVYCcjKk8kg5RyDKS5APDTBsZ0j98-F-8uUdV9NpGzqbQXCP_xCYJG29ZqTzsiRIPj4BL3hYeGUvETJ5jw_uoGUre9Pwcdq9opUZY\/s16000\/Cleo%20Zero-Day%20RCE%20Vulnerability%20Actively%20Exploited%20in%20the%20Wild.webp?w=1600&resize=1600,900&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/85894","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/comments?post=85894"}],"version-history":[{"count":3,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/85894\/revisions"}],"predecessor-version":[{"id":87023,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/85894\/revisions\/87023"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/media\/85898"}],"wp:attachment":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/media?parent=85894"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/categories?post=85894"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/tags?post=85894"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}