SimpleHelp Archives • Daily CyberSecurity

Attackers Hijack Trusted RMM Tools to Create Invisible, Permanent Backdoors RMM Hijacking Campaign Self-Healing Persistence

Attackers Hijack Trusted RMM Tools to Create Invisible, Permanent Backdoors

Do Son May 7, 2026

A sophisticated phishing campaign is proving that the most effective “virus” is often a legitimate piece of...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026) Vulnerability Digest AI Infrastructure Security

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026)

Do Son April 27, 2026

Welcome to your Monday morning vulnerability digest. As we close out the final full week of April,...

Hackers Weaponize DocuSign and SimpleHelp in Stealthy New Campaign DocuSign Phishing SimpleHelp Malware

Hackers Weaponize DocuSign and SimpleHelp in Stealthy New Campaign

Do Son February 19, 2026

In a sophisticated blend of social engineering and technical evasion, cybercriminals are increasingly hiding behind trusted corporate...

Exploited in the Wild: Critical BeyondTrust Flaw (CVSS 9.9) Opens Door to Network Takeover BeyondTrust Vulnerability CVE-2026-1731

Exploited in the Wild: Critical BeyondTrust Flaw (CVSS 9.9) Opens Door to Network Takeover

Do Son February 15, 2026

A critical vulnerability in widely used remote access software is currently under active attack, with threat actors...

MSP Nightmare: Medusa & DragonForce Exploit SimpleHelp RMM Flaws for SYSTEM Access RMM Ransomware

MSP Nightmare: Medusa & DragonForce Exploit SimpleHelp RMM Flaws for SYSTEM Access

Do Son November 10, 2025

A new report from Zensec has exposed a critical vulnerability in the IT supply chain, detailing how...

Ransomware Attack: MSP’s RMM Tool Abused to Spread DragonForce DragonForce ransomware MSP RMM attack

Ransomware Attack: MSP’s RMM Tool Abused to Spread DragonForce

Do Son May 29, 2025

In a recent targeted cyberattack, a threat actor compromised the remote monitoring and management (RMM) infrastructure of...

Medusa Ransomware Surges: Attacks Jump 42% as Cybercriminals Expand Operations Medusa ransomware attacks

Medusa Ransomware Surges: Attacks Jump 42% as Cybercriminals Expand Operations

Do Son March 9, 2025

The Medusa ransomware threat continues to escalate, with attacks increasing by 42% between 2023 and 2024, according...

Threat Actors Exploit SimpleHelp Vulnerabilities to Deploy Sliver Backdoor Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Threat Actors Exploit SimpleHelp Vulnerabilities to Deploy Sliver Backdoor

Do Son February 9, 2025

Cybersecurity firm Field Effect has identified and thwarted a sophisticated cyberattack that leveraged newly discovered vulnerabilities in...

SimpleHelp RMM Vulnerabilities Exploited in Latest Cyberattack Campaign SimpleHelp Cyberattack

SimpleHelp RMM Vulnerabilities Exploited in Latest Cyberattack Campaign

Do Son January 27, 2025

Security researchers at Arctic Wolf have uncovered a new campaign exploiting vulnerabilities in SimpleHelp RMM software to...

SimpleHelp Urgents to Patch Critical Security Vulnerabilities Screenshot 2025-01-14 222456

SimpleHelp Urgents to Patch Critical Security Vulnerabilities

Do Son January 14, 2025

Security researcher Naveen Sunkavally of Horizon3.ai has identified critical vulnerabilities in SimpleHelp, a popular remote support software...

Iranian Espionage Seedworm Targets Egypt, Sudan, and Tanzania Iranian Espionage Seedworm group

Iranian Espionage Seedworm Targets Egypt, Sudan, and Tanzania

Do Son December 19, 2023

In the evolving landscape of cyber threats, the Iranian espionage group Seedworm (also known as Muddywater) has...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

SimpleHelp

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026)

Exploited in the Wild: Critical BeyondTrust Flaw (CVSS 9.9) Opens Door to Network Takeover

MSP Nightmare: Medusa & DragonForce Exploit SimpleHelp RMM Flaws for SYSTEM Access

Ransomware Attack: MSP’s RMM Tool Abused to Spread DragonForce

Medusa Ransomware Surges: Attacks Jump 42% as Cybercriminals Expand Operations

Threat Actors Exploit SimpleHelp Vulnerabilities to Deploy Sliver Backdoor

SimpleHelp RMM Vulnerabilities Exploited in Latest Cyberattack Campaign

SimpleHelp Urgents to Patch Critical Security Vulnerabilities

Iranian Espionage Seedworm Targets Egypt, Sudan, and Tanzania