Bleeping Computer

ScreenConnect critical bug now under attack as exploit code emerges

Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software. A day ...
CRN

ConnectWise ScreenConnect Vulnerability Exploited: CISA

The ConnectWise ScreenConnect vulnerability, which earlier this year was identified as a potential way for threat actors to perform ViewState code injection attacks, is now being exploited, according ...
TechRepublic

New Vulnerabilities in ConnectWise ScreenConnect Massively Exploited by Attackers

One vulnerability impacting ConnectWise ScreenConnect that allows remote attackers to bypass authentication to create admin accounts is being used in the wild. Two new vulnerabilities impact ...
Infosecurity-magazine.com

New Phishing Campaign Abuses ConnectWise ScreenConnect to Take Over Devices

A novel phishing campaign attempts to trick victims into downloading ConnectWise ScreenConnect remote monitoring and management (RMM) software, enabling attackers to take complete control over ...
Bleeping Computer

ScreenConnect flaws exploited to drop new ToddlerShark malware

The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a new malware variant dubbed ToddlerShark. Kimsuky ...
CSOonline

Critical ConnectWise ScreenConnect flaw exploited in the wild: Update

A critical vulnerability patched this week in the ConnectWise ScreenConnect remote desktop software is already being exploited in the wild. Researchers warn that it’s trivial to exploit the flaw, ...
Dark Reading

North Korea Hits ScreenConnect Bugs to Drop 'ToddleShark' Malware

North Korean hackers are using a critical vulnerability in ConnectWise's ScreenConnect software to spread new, shapeshifting espionage malware. Two weeks ago, ConnectWise revealed two flaws in its ...