Critical Alert

CVE-2026-50751 - Critical Check Point VPN Exploit Discovered Active in the Wild. View Threat Details →

Powered by CVE WATCHTOWER

×

ScreenConnect

Sophisticated GPU Cryptojacking Campaign Surfaced by Microsoft Experts Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Sophisticated GPU Cryptojacking Campaign Surfaced by Microsoft Experts

Do Son June 1, 2026

Microsoft Defender Experts recently identified a highly targeted digital threat spreading across the internet. Specifically, a dangerous...

Weaponized JPEG Payload Deploys Trojanized ScreenConnect for Covert Espionage axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Weaponized JPEG Payload Deploys Trojanized ScreenConnect for Covert Espionage

Do Son May 14, 2026

The threat intelligence team at CYFIRMA has uncovered a sophisticated multi-stage intrusion campaign. Attackers are currently leveraging...

Attackers Hijack Trusted RMM Tools to Create Invisible, Permanent Backdoors RMM Hijacking Campaign Self-Healing Persistence

RMM Hijacking Campaign Self-Healing Persistence

Attackers Hijack Trusted RMM Tools to Create Invisible, Permanent Backdoors

Do Son May 7, 2026

A sophisticated phishing campaign is proving that the most effective “virus” is often a legitimate piece of...

Cyber-Actors are “Laundering Trust” to Hijack the Global Supply Chain Load Board Phishing Signing-as-a-Service

Load Board Phishing Signing-as-a-Service

Cyber-Actors are “Laundering Trust” to Hijack the Global Supply Chain

Do Son April 20, 2026

Proofpoint researchers have detailed the curtain on a sophisticated cyber-operation targeting the transportation industry, revealing a month-long...

New Stealth Attack Chain Weaponizes Legitimate Remote Access Software ScreenConnect Hijack In-Memory Attack

ScreenConnect Hijack In-Memory Attack

New Stealth Attack Chain Weaponizes Legitimate Remote Access Software

Do Son April 14, 2026

Security researchers have uncovered a sophisticated new threat that turns the simple act of downloading a document...

The “Special Invitation” Trap: STAC6405 Abuses Legitimate RMM Tools to Hijack Your PC STAC6405 Phishing RMM Abuse

STAC6405 Phishing RMM Abuse

The “Special Invitation” Trap: STAC6405 Abuses Legitimate RMM Tools to Hijack Your PC

Do Son April 6, 2026

Cybercriminals are increasingly trading custom-built malware for legitimate software to slip past corporate defenses. A new investigation...

The Rise of SILENTCONNECT: New Stealthy Loader Exploits Trusted Cloud Giants SILENTCONNECT loader RMM abuse

SILENTCONNECT loader RMM abuse

The Rise of SILENTCONNECT: New Stealthy Loader Exploits Trusted Cloud Giants

Do Son March 26, 2026

Elastic Security Labs has uncovered a sophisticated new infection chain involving a previously undocumented loader dubbed SILENTCONNECT....

Leaving the Doors Unlocked: Critical 9.0 CVSS ScreenConnect Flaw Exposes Machine Keys ScreenConnect Vulnerability CVE-2026-3564

ScreenConnect Vulnerability CVE-2026-3564

Leaving the Doors Unlocked: Critical 9.0 CVSS ScreenConnect Flaw Exposes Machine Keys

Do Son March 18, 2026

ConnectWise recently issued a critical security update for its ScreenConnect platform, addressing a significant vulnerability that could...

Signed Malware Masquerading as Workplace Apps Deploys Persistent Backdoors EV Certificate Phishing RMM Backdoors

EV Certificate Phishing RMM Backdoors

Signed Malware Masquerading as Workplace Apps Deploys Persistent Backdoors

Do Son March 6, 2026

Security researchers at Microsoft Defender Experts have uncovered a sophisticated phishing campaign that turns the tools of...

Attackers Weaponize Legitimate RMM Tools via Fake PDFs RMM Software Abuse AhnLab ASEC Report

RMM Software Abuse AhnLab ASEC Report

Attackers Weaponize Legitimate RMM Tools via Fake PDFs

Do Son January 13, 2026

In a new report, the AhnLab Security Intelligence Center (ASEC) warns of a rising trend where threat...

Critical ScreenConnect Flaw (CVE-2025-14265) Risks Config Exposure & Untrusted Extension Installation

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Critical ScreenConnect Flaw (CVE-2025-14265) Risks Config Exposure & Untrusted Extension Installation

Do Son December 16, 2025

ConnectWise has issued an important security update for its widely used remote support software, ScreenConnect, addressing a...

Cybercriminals Shift Tactics: Group Deploys Multiple RMM Tools (ScreenConnect, LogMeIn, Naverisk) for Redundant Persistence and Access Resale Multi-RMM Persistence, IAB Tactics

Multi-RMM Persistence, IAB Tactics

Cybercriminals Shift Tactics: Group Deploys Multiple RMM Tools (ScreenConnect, LogMeIn, Naverisk) for Redundant Persistence and Access Resale

Do Son November 20, 2025

A highly active cybercriminal group has shifted tactics in a long-running campaign that abuses remote monitoring and...

Cyber-Enabled Cargo Theft: Hackers Hijack Logistics Firms with RMM Tools to Steal Physical Shipments BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

Cyber-Enabled Cargo Theft: Hackers Hijack Logistics Firms with RMM Tools to Steal Physical Shipments

Do Son November 4, 2025

Proofpoint researchers have uncovered a sophisticated cyber-enabled cargo theft operation in which threat actors infiltrate trucking and...

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC ScreenConnect, XWorm RAT

ScreenConnect, XWorm RAT

A Deceptive AI Lure Is Hiding ScreenConnect & XWorm RAT to Hijack Your PC

Do Son August 29, 2025

The SpiderLabs Threat Hunt Team at Trustwave has discovered a malicious campaign abusing AI-themed branding to trick...

A Silent Threat: How a Stealthy Campaign Is Stealing ScreenConnect Credentials for Ransomware ScreenConnect, credential harvesting

ScreenConnect, credential harvesting

A Silent Threat: How a Stealthy Campaign Is Stealing ScreenConnect Credentials for Ransomware

Do Son August 28, 2025

The Mimecast Threat Research team, led by Samantha Clarke, has exposed an ongoing credential harvesting campaign (designated...

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer Cursor AI, Crypto Theft

Cursor AI, Crypto Theft

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer

Do Son July 15, 2025

A fraudulent extension for the Cursor AI IDE—an editor built upon Microsoft’s open-source Visual Studio Code—was used...

ConnectWise ScreenConnect Targeted by Nation-State Actor TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

ConnectWise ScreenConnect Targeted by Nation-State Actor

Do Son May 30, 2025

ConnectWise, a prominent provider of IT management solutions, has issued a brief but concerning security advisory disclosing...

ConnectWise Patches Critical ViewState RCE Vulnerability in ScreenConnect ScreenConnect vulnerability ViewState RCE

ScreenConnect vulnerability ViewState RCE

ConnectWise Patches Critical ViewState RCE Vulnerability in ScreenConnect

Do Son April 26, 2025

ConnectWise has issued an important security bulletin addressing a critical code injection vulnerability in ScreenConnect versions 25.2.3...

Qilin Ransomware Attack Exploits MSP Vulnerability to Target Downstream Customers sopho

sopho

Qilin Ransomware Attack Exploits MSP Vulnerability to Target Downstream Customers

Do Son April 3, 2025

In a recent cybersecurity incident, Qilin ransomware affiliates successfully compromised a Managed Service Provider (MSP) by exploiting...

RMM Tools: The New Weapon of Choice for Cybercriminals Weapon RMM Tools

Weapon RMM Tools

RMM Tools: The New Weapon of Choice for Cybercriminals

Do Son March 13, 2025

Proofpoint researchers have released a report highlighting a concerning trend: the increasing use of legitimate Remote Monitoring...