Cybersecurity Researchers Uncover Dual-Vector Attack Using Stolen Credentials and Legitimate RMM Tools

Cybersecurity researchers have uncovered a new dual-vector attack campaign that exploits stolen credentials to deploy legitimate Remote Monitoring and Management (RMM) software, enabling persistent remote access to compromised systems. Instead of deploying custom malware, attackers bypass security perimeters by weaponizing trusted IT tools that administrators rely on, according to KnowBe4 Threat.