DragonForce Ransomware Group Exploits SimpleHelp Vulnerabilities

The threat actors behind the DragonForce ransomware have gained access to the SimpleHelp remote monitoring and management (RMM) tool of an unnamed managed service provider (MSP). They then exploited this access to exfiltrate data and deploy ransomware on multiple endpoints. The attackers likely exploited three security vulnerabilities in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726).