🔴 Attackers are weaponising legitimate RMM tools to break into client networks. And it's working on 80+ organisations

A phishing campaign tracked as VENOMOUS#HELPER has compromised over 80 organisations by delivering customised versions of SimpleHelp and ScreenConnect.

Victims install what looks like a legitimate remote access tool, not realising it’s been modified. Once installed, the attacker has persistent access that’s extremely difficult to detect because the software appears completely normal. The Hacker News

The attacker deploys both SimpleHelp and ScreenConnect simultaneously, deliberately creating a redundant dual-channel backdoor. Block one, the other stays active. Security firm Securonix links the campaign to a financially motivated group operating as a ransomware precursor… meaning the goal is to establish quiet, persistent access before launching a bigger attack later.

Two things worth doing today. First, check whether any of your clients have received unsolicited requests to install remote access software recently. Second, review your own RMM deployment practices. Are clients able to verify that a remote session request genuinely came from you?

🟡 Microsoft's new AI admin role had a flaw that could hand attackers the keys to an entire tenant

Worth understanding before you have the E7 and Agent 365 conversation with clients.

Researchers at identity security firm Silverfort discovered that Microsoft’s Agent ID Administrator role (a new role introduced to manage AI agent identities in Entra ID) had a dangerous scope gap. It was designed to manage agent-related objects only, but in practice it could take ownership of any service principal across the entire tenant. The Hacker News

In plain English: a role meant for managing AI agents turned out to have accidental admin-level power over every app identity in the organisation. An attacker assigned that role could silently take over high-privileged service principals, inject their own credentials, and operate as those applications (with all their permissions) while appearing to be doing nothing unusual.

Microsoft patched it on April 9, so no action needed today. But the timing is worth noting. Agent 365 launched last Friday. AI agent identities are going to multiply fast across client tenants. This won’t be the last identity flaw in the new AI layer.

🟢 A $150M-funded AI security vendor just decided MSPs are the only way it wants to sell

Sublime Security, named the #1 security company on Fast Company’s Most Innovative Companies list this year, has gone 100% channel-led and launched a formal MSP and MSSP partner program. ChannelE2E

The program includes protected margins, deal registration, dedicated partner resources, and hands-on technical enablement. The product itself is AI-powered email security that partners can tune specifically for each client, which turns it into a genuine managed service rather than just a resale.

Email remains the single biggest attack vector. Phishing accounts for the majority of breaches. And a well-funded, award-winning vendor just decided it can only reach its customers through people like you.

Okay, that’s Wednesday done. We’ll be back in your inbox tomorrow morning. Have a fun day.