Threat actors have increasingly exploited vulnerabilities and configurations in ConnectWise software to distribute signed malware, masquerading as legitimate applications. Initially observed in February 2024 with ransomware attacks linked to vulnerabilities CVE-2024-1708 and CVE-2024-1709, the abuse escalated by March 2025 under the moniker “EvilConwi”. This new wave of attacks leverages ConnectWise’s ScreenConnect tool, manipulating its certificate […] The post Threat Actors Exploit ConnectWise Configuration to Create Signed Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/threat-actors-exploit-connectwise-configuration/
