Tag

#connectwise

2 posts tagged #connectwise.

Analysis · May 20, 2026 · The Commentary Desk

Why ransomware crews love a backup server twice over

CVE-2022-36537 is a ZK Framework bug that handed attackers ConnectWise R1Soft backup servers. A backup server is the perfect ransomware target for two reasons at once: it can push code to everything it protects, and destroying it removes the one thing that lets a victim refuse to pay.
Analysis · May 20, 2026 · analysis-desk

The other half of the ScreenConnect chain just got a 2026 deadline

CVE-2024-1709 got the CVSS 10 and the headlines in February 2024. The path-traversal half that actually lands code execution, CVE-2024-1708, only got its own KEV deadline on April 28, 2026. Two years late, same chain.