Project Hyphae
Search

ConnectWise R1Soft becomes a soft target

Share This Post

On Oct. 28 ConnectWise released a critical security patch for a vulnerability that effects its R1Soft Server Backup Manager (SBM) and ConnectWise Recover v2.97 and earlier. The vulnerability could allow an attacker to access sensitive data or perform remote code execution. Hopefully you don’t have these exposed to the internet, but if you do – work to get that behind a VPN or similar.

While ConnectWise Recover SBMs were automatically updated, you need to upgrade the server backup manager to SBM v6.16.4. There is guidance on how to do this in the ConnectWise security bulletin posted below.

And speaking of backups, you have offline copies of those, right? Its crucial that you protect and have copies of your critical data and applications in a cyber incident, like ransomware.

References:

https://www.connectwise.com/company/trust/security-bulletins/r1soft-and-recover-security-bulletin

https://www.bleepingcomputer.com/news/security/connectwise-fixes-rce-bug-exposing-thousands-of-servers-to-attacks/



Reach out to our incident response team for help

More To Explore

Information Security News – 10/27/2025

AWS Outage Exposes ‘Dangerous’ Over-Reliance on US Cloud Giants Article Link: https://www.datacenterknowledge.com/outages/aws-outage-exposes-dangerous-over-reliance-on-us-cloud-giants Microsoft Threatens to Ram Copilot into Exchange Server On-Prem Article Link: https://www.theregister.com/2025/10/23/copilot_exchange_server/ Ransomware

Marcus Cylar October 28, 2025

Information Security News – 10/20/2025

Arup’s $25M Deepfake Loss: Anatomy of an AI-Powered Scam Article Link: https://www.adaptivesecurity.com/blog/arup-deepfake-scam-attack U.S. Warns That Hackers Using F5 Devices to Target Government Networks Article Link:

Jo Moldenhauer October 24, 2025

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.