The Hacker News

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

VENOMOUS#HELPER phishing campaign active since April 2025 has impacted 80+ organizations, mainly in the U.S., using ...
Infosecurity-magazine.com

Hackers Target ScreenConnect Features For Network Intrusions

A rise in cyber-attacks exploiting remote monitoring and management (RMM) tools for initial access via phishing has been observed by cybersecurity researchers. According to the new findings from the ...
Bleeping Computer

ScreenConnect flaws exploited to drop new ToddlerShark malware

The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a new malware variant dubbed ToddlerShark. Kimsuky ...
CRN

Blackcat Ransomware Linked With ScreenConnect, Recent Health Care Attacks: US

The FBI, CISA and HHS said that a ScreenConnect remote access domain has commonly been utilized during a spate of recent Blackcat attacks against health care providers. A ScreenConnect remote access ...
TechRepublic

New Vulnerabilities in ConnectWise ScreenConnect Massively Exploited by Attackers

One vulnerability impacting ConnectWise ScreenConnect that allows remote attackers to bypass authentication to create admin accounts is being used in the wild. Two new vulnerabilities impact ...
CRN

CISA: Update ConnectWise ScreenConnect Servers Or Take Offline As Ransomware Is Deployed

‘It's odd because now our work has shifted to not getting ahead of the vulnerability and understanding it and sharing the intel, it's watching the internet burn and trying to respond and remediate the ...
Infosecurity-magazine.com

Ransomware Warning as CVSS 10.0 ScreenConnect Bug is Exploited

IT admins have been urged to patch any on-premises ScreenConnect servers immediately, after reports that a recently published maximum severity vulnerability is being exploited in the wild.
Dark Reading

Critical ConnectWise RMM Bug Poised for Exploitation Avalanche

Users of the ConnectWise ScreenConnect remote desktop management tool are under active cyberattack, after a proof-of-concept (PoC) exploit surfaced for a max-critical security vulnerability in the ...
Bleeping Computer

ConnectWise urges ScreenConnect admins to patch critical RCE flaw

ConnectWise warned customers to patch their ScreenConnect servers immediately against a maximum severity flaw that can be used in remote code execution (RCE) attacks. This security bug is due to an ...

CISA Warning: Attacks on ConnectWise ScreenConnect and Windows Shell

The US cybersecurity agency CISA warns of observed attacks on the Windows Shell and ConnectWise ScreenConnect.
Dark Reading

North Korea Hits ScreenConnect Bugs to Drop 'ToddleShark' Malware

North Korean hackers are using a critical vulnerability in ConnectWise's ScreenConnect software to spread new, shapeshifting espionage malware. Two weeks ago, ConnectWise revealed two flaws in its ...
CSOonline

Critical ConnectWise ScreenConnect flaw exploited in the wild: Update

A critical vulnerability patched this week in the ConnectWise ScreenConnect remote desktop software is already being exploited in the wild. Researchers warn that it’s trivial to exploit the flaw, ...