A marked escalation in the abuse of ConnectWise ScreenConnect installers since March 2025, with U.S.-based businesses bearing the brunt of these incursions. Adversaries are now deploying lightweight ClickOnce runner installers—devoid of embedded configurations—to evade static detection, fetching malicious components at runtime. Post-installation, attackers automate the rapid deployment of two distinct remote access trojans (RATs): the […]The post Threat Actors Exploit ScreenConnect Installers for Initial Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.