A recent cybersecurity alert has been issued regarding unauthorized access to devices running SimpleHelp RMM software, following the disclosure of three vulnerabilities: CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728. This campaign was observed just a week after the vulnerabilities were made public. Additionally, Mandiant reported that the Ivanti Connect Secure VPN has been targeted in a new zero-day exploitation since December 2024, with active exploitation confirmed by the group UNC5221, utilizing malware known as SPAWN, DRYHOOK, and PHASEJAM. The rise of remote access exploitation has been identified as a key threat in 2024, prompting experts to recommend enhanced security measures such as multi-factor authentication and regular software updates to mitigate risks associated with hybrid work environments.