Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

Two overlapping intelligence items (SCC-CAM-2026-0369 from Microsoft Defender Experts and SCC-CAM-2026-0354 from The Hacker News/Microsoft) describe the same active campaign targeting Windows endpoints with high-performance GPUs, deploying ScreenConnect as a persistent remote access backdoor and injecting a GPU cryptocurrency miner into Microsoft .NET LOLBins via process hollowing. The campaign uses SEO poisoning and manipulated AI chatbot responses to distribute trojanized versions of common GPU utilities. SCC-CAM-2026-0354 is noted as lower source quality (0.712) and introduces a CVE (CVE-2025-33073) that the source item itself flagged as incorrectly attributed; that CVE is excluded from this rollup.

Author

Tech Jacks Solutions