ConnectWise patches new flaw allowing ScreenConnect hijacking

ConnectWise is warning ScreenConnect customers of a cryptographic signature verification vulnerability that could lead to unauthorized access and privilege escalation.
CRN

ConnectWise Releases ScreenConnect 26.1 Patch for Critical Vulnerability

The new vulnerability in ConnectWise’s ScreenConnect remote support and access tool marks the second time in less than a year ScreenConnect has had cybersecurity issues.
Bleeping Computer

ScreenConnect MSP Software Used to Install Zeppelin Ransomware

Threat actors are utilizing the ScreenConnect (now called ConnectWise Control) MSP remote management software to compromise a network, steal data, and install the Zeppelin Ransomware on compromised ...