Skip to content

// #rmm

2 articles

← All tags
🔑 IAM

SimpleHelp Remote Support: New OIDC Flaw Lets Unauthenticated Attackers Create Rogue Privileged Technician Accounts

A new authentication vulnerability in SimpleHelp Remote Support — distinct from the path traversal and privilege escalation flaws patched earlier in 2026 — allows an unauthenticated attacker to exploit a flaw in the OIDC single sign-on implementation to create privileged technician accounts with full remote session capabilities. SimpleHelp has released emergency patches; exploitation has been observed in the wild.

#simplehelp +6
🛡️ SecOps

Gentelman Ransomware Surges: 9 Healthcare and Professional Services Victims in 72 Hours

The Gentelman ransomware group (tracked as Storm-2697) claimed 15 victims between 1–3 June with a heavy focus on healthcare providers and professional services firms in North America. The surge appears linked to exploitation of known vulnerabilities in remote management software. Healthcare organisations should review internet-exposed remote access and RMM tool exposure immediately.

#ransomware +7

Commentary tagged #rmm

Opinion

Healthcare Ransomware Is a Structural Problem. The Gentelman Surge Is Not a Surprise.

The Gentelman ransomware surge hitting healthcare this week follows a pattern that has repeated with near-mechanical regularity for five years. The security industry has correctly diagnosed the problem: legacy infrastructure, high willingness to pay, broad RMM attack surface, and regulatory environments that prioritise availability over security. The diagnosis is correct. The treatment is not happening fast enough.

CipherWatch Editorial

Security Intelligence Platform