ConnectWise Hit by Cyberattack; Nation-State Actor Suspected in Targeted Breach
May 30, 2025
Vulnerability / Data Breach
ConnectWise, the developer of remote access and support software ScreenConnect, has disclosed that it was the victim of a cyber attack that it said was likely perpetrated by a nation-state threat actor. "ConnectWise recently learned of suspicious activity within our environment that we believe was tied to a sophisticated nation-state actor, which affected a very small number of ScreenConnect customers," the company said in a brief advisory on May 28, 2025. The company said it has engaged the services of Google Mandiant to conduct a forensic probe into the incident and that it has notified all affected customers. The incident was first reported by CRN. However, it did not reveal the exact number of customers who were impacted by the hack, when it happened, or the identity of the threat actor behind it. It's worth noting that the company, in late April 2025, patched CVE-2025-3935 (CVSS score: 8.1), a high-severity vulnerability in ScreenConnect versions 25.2.3 and ea...