TECH NEWS

Experts warn of 'highly sophisticated' weaponized JPEG campaign used to send out ScreenConnect malware

https://cdn.mos.cms.futurecdn.net/x4SmwpYXk8yGgDmYCVeckL-2560-80.jpg
  • Attackers weaponized a .jpeg file to deliver PowerShell payloads, trojanized ScreenConnect, and establish persistence
  • The malware enables credential theft, encrypted C2 comms, and surveillance features
  • Cyfirma warns the campaign reflects a mature intrusion framework

Be careful when downloading files from the internet, as even innocent .jpeg files can actually contain malware, experts have warned.

Security researchers Cyfirma published an in-depth report on a brand new hacking campaign they named “Operation SilentCanvas”. While we don’t know the number of infections, or successfully compromised victims, the researchers said the campaign likely targets enterprises and other organizations using remote administration tools.

The attack starts when the victim receives the weaponized .jpeg file. Again, we don’t know the exact delivery mechanism, but Cyfirma speculates the file is delivered either via phishing emails with malicious attachments, deceptive file-sharing interactions, or fake software and update lures.

"Professionally engineered and operationally mature intrusion framework"

In any case,...

Copyright of this story solely belongs to techradar.com. To see the full text click HERE

Read more

https://www.eu-startups.com/wp-content/uploads/2026/05/Untitled-design-2026-05-19T165310.544.jpg

Berlin-based bunch, an AI-native platform for managers and institutional investors to manage the entire fund lifecycle, raised a €30.1M Series B led by Portage

Sponsor Posts Niantic Spatial: World models need real-world data — Scaniverse is the gateway to spatial services — self-serve and built for AI and robotics. Large-area 3D reconstruction from 360° cameras and precise localization, anywhere machines operate. Protecting your Cloud Applications Data — Backing up Office 365, Google Workspace, Dropbox & Salesforce data