{"id":16243,"date":"2025-05-29T10:34:00","date_gmt":"2025-05-29T10:34:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/"},"modified":"2025-05-29T10:34:00","modified_gmt":"2025-05-29T10:34:00","slug":"dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/","title":{"rendered":"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider&#8217;s (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints.<br \/>\nIt&#8217;s believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that were<a href=\"https:\/\/thehackernews.com\/2025\/05\/dragonforce-exploits-simplehelp-flaws.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider&#8217;s (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It&#8217;s believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":16244,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-16243","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider&#039;s (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It&#039;s believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider&#039;s (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It&#039;s believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2025-05-29T10:34:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2025-05-29T10:34:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider&#039;s (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It&#039;s believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/05\\\/29\\\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/ransomware-lock-Ljp5Ib.jpg\",\"width\":728,\"height\":380},\"datePublished\":\"2025-05-29T10:34:00+00:00\",\"dateModified\":\"2025-05-29T10:34:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/05\\\/29\\\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/05\\\/29\\\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/05\\\/29\\\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/05\\\/29\\\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/05\\\/29\\\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/05\\\/29\\\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/05\\\/29\\\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/05\\\/29\\\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider's (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It's believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/05\\\/29\\\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/ransomware-lock-Ljp5Ib.jpg\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/05\\\/29\\\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":728,\"height\":380},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/05\\\/29\\\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2025-05-29T10:34:00+00:00\",\"dateModified\":\"2025-05-29T10:34:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider's (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It's believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/#blogposting","name":"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/05\/ransomware-lock-Ljp5Ib.jpg","width":728,"height":380},"datePublished":"2025-05-29T10:34:00+00:00","dateModified":"2025-05-29T10:34:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/#listItem","name":"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/","name":"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider's (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It's believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/05\/ransomware-lock-Ljp5Ib.jpg","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/#mainImage","width":728,"height":380},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2025-05-29T10:34:00+00:00","dateModified":"2025-05-29T10:34:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider's (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It's believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that","og:url":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/","article:published_time":"2025-05-29T10:34:00+00:00","article:modified_time":"2025-05-29T10:34:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider's (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It's believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that"},"aioseo_meta_data":{"post_id":"16243","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2025-05-29 11:47:53","updated":"2025-10-15 15:10:26","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tDragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2025\/05\/29\/dragonforce-exploits-simplehelp-flaws-to-deploy-ransomware-across-customer-endpoints-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/16243","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=16243"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/16243\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/16244"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=16243"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=16243"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=16243"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}