SFTPPlus version 5.4.0 is now available.

Security updates

The HTTP file server now sets the secure attribute of the session cookie for connections made via an HTTPS reverse proxy.

The low-level operating system errors are no longer displayed to the end users, when an unknown OS error is encountered.

Another minor security fix for Windows, the service and uninstaller are now invoked using double quotes around the executable path.

The TLS secure list of ciphers was updated to match the latest Mozilla recommended configuration for a general-purpose server.

The SFTP / SCP protocol now supports the hmac-sha2-256-etm@openssh.com and hmac-sha2-256-etm@openssh.com SSH hash-based message authentication code (HMAC) algorithms.

New features

Support was added for the Exchange Online mailbox as the source for a transfer.

You can check the full release notes here.