https://www.bleepingcomputer.com/news/security/clop-ransomware-likely-testing-moveit-zero-day-since-2021/

The Clop ransomware gang has been looking for ways to exploit a now-patched zero-day in the MOVEit Transfer managed file transfer (MFT) solution since 2021, according to Kroll security experts.

While analyzing logs on some clients' compromised networks during the investigation of recent Clop data theft attacks targeting vulnerable MOVEit Transfer instances, they found malicious activity matching the method used by the gang to deploy the newly discovered LemurLoot web shell.