SimpleHelp remote support software carries three CVEs (CVE-2024-57726, CVE-2024-57727, CVE-2024-57728) actively exploited by Storm-1175 as part of the Medusa ransomware campaign’s initial access toolkit. Organizations using SimpleHelp for remote support should apply all available vendor patches immediately, restrict internet exposure, and audit for unauthorized access consistent with the campaign’s post-exploitation patterns.