CISA warns of a new critical vulnerability: ransomware risk
CISA has added flaws in ConnectWise and Windows to its KEV catalog after detecting active attacks that could facilitate the deployment of ransomware.

Security alert: New threats in the KEV catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning after adding two critical flaws to its Known Exploited Vulnerabilities (KEV) catalog. This action follows evidence that these flaws are being actively used in real-world attacks, increasing the risk of large-scale intrusions.
The risk in ConnectWise ScreenConnect
The primary focus is on the CVE-2024-1708 vulnerability, a path traversal flaw in ConnectWise ScreenConnect. With a CVSS score of 8.4, this breach allows attackers to bypass security controls and access unauthorized files, which frequently serves as a gateway for the deployment of ransomware and other malicious code.
"Exploiting known vulnerabilities is the preferred strategy for cybercrime groups to rapidly compromise corporate networks," cybersecurity experts note.
How to protect your infrastructure?
Modern cybersecurity requires constant vigilance. Just as we have seen other compromise attempts in the digital ecosystem, as detailed in LofyGang returns: The new hack that hides malware for Minecraft, attackers do not discriminate between gaming platforms or remote management tools.
To mitigate these risks, organizations should follow these guidelines:
- Immediate audit: Identify if your infrastructure uses vulnerable versions of ConnectWise.
- Patching: Prioritize updating affected systems according to the manufacturer's guidelines.
- Network monitoring: Implement detection solutions to identify any suspicious activity that matches path traversal patterns.
A race against time
Inclusion in the KEV catalog is not just a technical notification; it is a sign that the hack is being monetized by malicious actors. Ignoring these updates means leaving the door open to potential extortion. Keeping software updated and following the recommendations of security agencies is the most effective line of defense in a landscape where threats evolve day by day.
Conclusion
Cybersecurity is not a static task. The speed with which attackers take advantage of these flaws underscores the importance of proactive vulnerability management. Securing your systems today is the best guarantee against tomorrow's attacks.
Sources:
- The Hacker News: https://thehackernews.com/2026/04/cisa-adds-actively-exploited.html
Related articles
11 de julio de 2026
Condemna històrica: membre de la banda Ryuk ransomware admet la seva culpabilitat
Un ciutadà armeni es declara culpable als EUA pel desplegament de ransomware Ryuk, afrontant una possible sentència de 15 anys de presó.
11 de julio de 2026
Historic Conviction: Ryuk Ransomware Gang Member Admits Guilt
An Armenian national pleads guilty in the U.S. for deploying Ryuk ransomware and faces a potential 15-year prison sentence.
11 de julio de 2026
Condena histórica: miembro de la banda Ryuk ransomware admite su culpa
Un ciudadano armenio se declara culpable en EE. UU. por el despliegue de ransomware Ryuk, enfrentando una posible sentencia de 15 años de prisión.
10 de julio de 2026
Hackers exploten Microsoft Entra: Nova vulnerabilitat en passkeys
Un grup d'actors maliciosos utilitza enginyeria social per comprometre comptes de Microsoft 365 mitjançant falsos registres de passkeys a Entra.
Loading comments...