The CL0P ransomware group is actively targeting Gladinet CentreStack file servers and other file transfer services in its latest extortion efforts. The campaign is likely exploiting known or unknown vulnerabilities, with preparations for a new wave of data leaks on their dark web site. #CL0P #GladinetCentreStack #CVE2025-11371 #CisoKEV
Keypoints
- CL0P is targeting internet-facing Gladinet CentreStack file servers for extortion campaigns.
- The group appears to be preparing a new wave of data leaks on its dark web site.
- Recent vulnerabilities such as CVE-2025-11371 are being exploited or are related to the campaign.
- Over 200 IPs are potentially targeted by CL0Pās exploitation efforts.
- CL0P has a history of attacking file sharing and transfer services like Oracle EBS and MOVEit.
Read More: https://thecyberexpress.com/cl0p-ransomware-targets-gladinet-centrestack/