A marked escalation in the abuse of ConnectWise ScreenConnect installers since March 2025, with U.S.-based businesses bearing the brunt of these incursions. Adversaries are now deploying lightweight ClickOnce runner installers—devoid of embedded configurations—to evade static detection, fetching malicious components at runtime. Post-installation, attackers automate the rapid deployment of two distinct remote access trojans (RATs): the […]

The post Threat Actors Exploit ScreenConnect Installers for Initial Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/screenconnect-installers/