The Hacker News

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

VENOMOUS#HELPER phishing campaign active since April 2025 has impacted 80+ organizations, mainly in the U.S., using ...
Infosecurity-magazine.com

Ransomware Gang Exploits SimpleHelp RMM to Compromise Utility Billing Firm

Ransomware actors have compromised customers of a utility software billing software provider after exploiting a vulnerability in the SimpleHelp Remote Monitoring and Management (RMM) tool. A new ...
Yahoo

DragonForce ransomware hacks SimpleHelp RMM tool to attack MSPs

Add Yahoo as a preferred source to see more of our stories on Google. In a blog post, Sophos MDR researchers noted they were alerted to the incident when a “suspicious installation” of a SimpleHelp ...
Dark Reading

CISA Reveals 'Pattern' of Ransomware Attacks Against SimpleHelp RMM

The Cybersecurity and Infrastructure Security Agency (CISA) is urging SimpleHelp customers to patch a known vulnerability following a wave of ransomware attacks targeting downstream customers. The ...
Bleeping Computer

Latest SimpleHelp RMM news

A member of the Crazy ransomware gang is abusing legitimate employee monitoring software and the SimpleHelp remote support tool to maintain persistence in corporate networks, evade detection, and ...
CSOonline

Iran cyberespionage group taps SimpleHelp for persistence on victim devices

Group-IB researchers have also identified a previously unknown command and control infrastructure and a PowerShell script that APT group MuddyWater is using for its cyberespionage and IP theft attacks ...
Bleeping Computer

Latest Initial Access news

A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access trojan to gain network access that could lead to ransomware attacks. A ...