A marked escalation in the abuse of ConnectWise ScreenConnect installers since March 2025, with U.S.-based businesses bearing the brunt of these incursions. Adversaries are now deploying lightweight ClickOnce runner installers”, devoid of embedded configurations”, to evade static detection, fetching malicious components at runtime. Post-installation, attackers automate the rapid deployment of two distinct remote access trojans (RATs): the […] The post Threat Actors Exploit ScreenConnect Installers for Initial Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/screenconnect-installers/
