HackerFeeds

CyberSecurity News

SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT

The Hacker News
· July 1, 2026

AI summary

Unknown threat actors are using the ScreenConnect remote access tool to deploy and execute AsyncRAT. This activity is part of a large campaign that involves distributing malicious installer archives from fake websites. The malicious installers are disguised as popular software, including OBS Studio, DNS Jumper, and Bandicam. The campaign is described as massive and spans multiple domains and languages. The malicious archives are hosted on spoofed websites that mimic legitimate software sites.

Read the full article at The Hacker Newsthehackernews.com/2026/07/seo-poisoned-software-sites-abuse.html

This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.