All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT

By

[email protected] (The Hacker News)

3d ago

Source

thehackernews.comSEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRATthehackernews.com
Snippet from the RSS feed
Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activity is part of a "massive, multi-domain, multi-language" campaign that distributes malicious installer archives hosted on spoofed websites. These installers masquerade as popular software like OBS Studio, DNS Jumper, DS4Windows, and Bandicam, among others.

You might also wanna read

Kaspersky discovers malware campaign on Steam's Wallpaper Engine targeting user accounts

Cybersecurity firm Kaspersky has discovered a malware campaign on Steam's popular Wallpaper Engine app, where hackers hid malicious software

dexerto.com·17d ago

Config File Auto-Execution Creates Supply Chain Security Blindspot Across IDEs and Package Managers

This article exposes a critical supply chain security blindspot where ordinary-looking configuration files in code repositories can automati

safedep.io·26d ago

Glitch SPY: New Android RAT Distributed Through Fake Polish Rental App Targets Users via Accessibility Service Abuse

Cyble Research Labs identified Glitch SPY, a new Android Remote Access Trojan (RAT) builder platform discovered through an exposed command-a

hendryadrian.com·3d ago

Microsoft detects 14 malicious npm packages impersonating OpenSearch and Elasticsearch libraries

A threat actor using the alias vpmdhaj published 14 malicious npm packages within four hours, impersonating legitimate OpenSearch, Elasticse

theregister.com·1mo ago

Microsoft detects 14 malicious npm packages impersonating OpenSearch and Elasticsearch libraries

A threat actor using the alias vpmdhaj published 14 malicious npm packages within four hours, impersonating legitimate OpenSearch, Elasticse

theregister.com·1mo ago

Critical zero-click prompt injection vulnerabilities in Cursor AI code editor allow sandbox escape and remote code execution

Two critical zero-click prompt injection vulnerabilities (CVE-2026-50548 and CVE-2026-50549, collectively "DuneSlide") were discovered in Cu

undercodetesting.com·22h ago

CrowdStrike, Google, and Shadowserver dismantle Glassworm botnet targeting open-source developers

CrowdStrike, in collaboration with Google and the nonprofit Shadowserver, has taken down the Glassworm botnet — a cybercriminal operation th

buff.ly·1mo ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.