The vendor belatedly admitted the max-severity vulnerability was actively exploited weeks after researchers and officials confirmed as much independently.

Forta, the vendor behind the file-transfer service software, has yet to report exploitation or address evidence of compromise. Independent researchers say otherwise.

The vendor didn’t provide evidence of active exploitation, yet experts said it’s only a matter of time before that changes.

The action against illicit versions of legitimate Cobalt Strike applications represents the culmination of a year-long investigation.