Kimsuky Exploits ScreenConnect Bugs, Drops ToddlerShark

The North Korea-based Kimsuky APT is abusing two ScreenConnect bugs, CVE-2024-1708 and CVE-2024-1709, to propagate a new malware called ToddlerShark. ToddlerShark uses polymorphic traits, legitimate Microsoft binaries, and registry modifications to establish persistence and gather sensitive information from infected devices. With a concerted effort to prioritize security updates, organizations can safeguard their systems and data against cyberattacks.
