RMM Abuse Archives • Daily CyberSecurity

Cyber-Actors are “Laundering Trust” to Hijack the Global Supply Chain Load Board Phishing Signing-as-a-Service

Cyber-Actors are “Laundering Trust” to Hijack the Global Supply Chain

Do Son April 20, 2026

Proofpoint researchers have detailed the curtain on a sophisticated cyber-operation targeting the transportation industry, revealing a month-long...

The “Special Invitation” Trap: STAC6405 Abuses Legitimate RMM Tools to Hijack Your PC STAC6405 Phishing RMM Abuse

The “Special Invitation” Trap: STAC6405 Abuses Legitimate RMM Tools to Hijack Your PC

Do Son April 6, 2026

Cybercriminals are increasingly trading custom-built malware for legitimate software to slip past corporate defenses. A new investigation...

The Rise of SILENTCONNECT: New Stealthy Loader Exploits Trusted Cloud Giants SILENTCONNECT loader RMM abuse

The Rise of SILENTCONNECT: New Stealthy Loader Exploits Trusted Cloud Giants

Do Son March 26, 2026

Elastic Security Labs has uncovered a sophisticated new infection chain involving a previously undocumented loader dubbed SILENTCONNECT....

The Fake IT Threat: “TrustConnect” Malware-as-a-Service Masquerades as Legitimate RMM Software TrustConnect Malware Fake RMM MaaS

The Fake IT Threat: “TrustConnect” Malware-as-a-Service Masquerades as Legitimate RMM Software

Do Son February 23, 2026

A new report from Proofpoint sheds light TrustConnect, detailing the rise of a new Malware-as-a-Service (MaaS) that...

Attackers Weaponize Legitimate RMM Tools via Fake PDFs RMM Software Abuse AhnLab ASEC Report

Attackers Weaponize Legitimate RMM Tools via Fake PDFs

Do Son January 13, 2026

In a new report, the AhnLab Security Intelligence Center (ASEC) warns of a rising trend where threat...

New “Eternl Desktop” Phishing Lure Drops LogMeIn to Hijack Cardano Wallets

Do Son January 2, 2026

The Cardano community is currently in the crosshairs of a highly sophisticated “wolf in sheep’s clothing” campaign....

Cybercriminals Shift Tactics: Group Deploys Multiple RMM Tools (ScreenConnect, LogMeIn, Naverisk) for Redundant Persistence and Access Resale

Do Son November 20, 2025

A highly active cybercriminal group has shifted tactics in a long-running campaign that abuses remote monitoring and...

Delphi PatoRAT Backdoor Hijacks LogMeIn Resolve and PDQ Connect RMM Tools for Full System Takeover PatoRAT RMM Abuse, LogMeIn Hijacking

Delphi PatoRAT Backdoor Hijacks LogMeIn Resolve and PDQ Connect RMM Tools for Full System Takeover

Do Son November 13, 2025

Researchers from the AhnLab Security Intelligence Center (ASEC) have uncovered a new malware campaign exploiting Remote Monitoring...

New Iranian-Linked APT UNK_SmudgedSerpent Uses RMM Tools and M365 Spoofing for Espionage Autumn Dragon Espionage, DLL Sideloading Moldova disinformation AcidPour Wiper Malware

Autumn Dragon Espionage, DLL Sideloading Moldova disinformation AcidPour Wiper Malware

New Iranian-Linked APT UNK_SmudgedSerpent Uses RMM Tools and M365 Spoofing for Espionage

Do Son November 6, 2025

Researchers at Proofpoint Threat Research have identified a previously unknown cyber-espionage group, dubbed UNK_SmudgedSerpent, which has been...

Cyber-Enabled Cargo Theft: Hackers Hijack Logistics Firms with RMM Tools to Steal Physical Shipments BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

Cyber-Enabled Cargo Theft: Hackers Hijack Logistics Firms with RMM Tools to Steal Physical Shipments

Do Son November 4, 2025

Proofpoint researchers have uncovered a sophisticated cyber-enabled cargo theft operation in which threat actors infiltrate trucking and...

NetSupport RAT Campaign Abuses ClickFix to Infect Hosts; 3 Threat Clusters Use RMM for Covert Access TAG-150 CastleLoader, ClickFix MaaS NetSupport RAT ClickFix, Multi-Cluster RMM

TAG-150 CastleLoader, ClickFix MaaS NetSupport RAT ClickFix, Multi-Cluster RMM

NetSupport RAT Campaign Abuses ClickFix to Infect Hosts; 3 Threat Clusters Use RMM for Covert Access

Do Son October 27, 2025

eSentire’s Threat Response Unit (TRU) has exposed a major wave of malicious campaigns abusing the NetSupport Manager...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

RMM Abuse

Cyber-Actors are “Laundering Trust” to Hijack the Global Supply Chain

The “Special Invitation” Trap: STAC6405 Abuses Legitimate RMM Tools to Hijack Your PC

The Rise of SILENTCONNECT: New Stealthy Loader Exploits Trusted Cloud Giants

The Fake IT Threat: “TrustConnect” Malware-as-a-Service Masquerades as Legitimate RMM Software

Attackers Weaponize Legitimate RMM Tools via Fake PDFs

New “Eternl Desktop” Phishing Lure Drops LogMeIn to Hijack Cardano Wallets

Cybercriminals Shift Tactics: Group Deploys Multiple RMM Tools (ScreenConnect, LogMeIn, Naverisk) for Redundant Persistence and Access Resale

Delphi PatoRAT Backdoor Hijacks LogMeIn Resolve and PDQ Connect RMM Tools for Full System Takeover

Cyber-Enabled Cargo Theft: Hackers Hijack Logistics Firms with RMM Tools to Steal Physical Shipments

NetSupport RAT Campaign Abuses ClickFix to Infect Hosts; 3 Threat Clusters Use RMM for Covert Access