AV vendor disputes security shop's update server claims

"Morphisec fired the opening salvo with a blog post calling the incident a 'critical supply-chain compromise,' alleging hackers used eScan's own update system to push malicious files and interfere with cleanup. MicroWorld Technologies-owned eScan, however, says that Morphisec's account is wrong on multiple fronts. In a statement to The Register, eScan said it detected suspicious activity through its internal monitoring before any external notification and initiated incident response the same day."
"The customer advisory eScan sent to affected users on January 22, as seen by The Register, offers a much narrower version of events. An unauthorized user gained access to configuration on a single regional update server, resulting in a rogue file briefly appearing in the update path for about two hours on January 20. The advisory states that the file distributed was not an official eScan binary or a legitimate update, and that no vulnerability existed in the eScan product itself."
Morphisec described the incident as a critical supply-chain compromise, alleging hackers abused eScan's update system to push malicious files and impede cleanup. eScan countered that it detected suspicious activity via internal monitoring on January 20, 2026, initiated incident response immediately, and issued an advisory and remediation patch. An unauthorized user accessed configuration on a single regional update server, causing a rogue file to appear in the update path for about two hours. The distributed file was not an official eScan binary, no vulnerability was found in the product, affected machines experienced update failures and host-file changes, and eScan reported no evidence of data exfiltration.
Read at The Register