A phishing campaign called VENOMOUS#HELPER has compromised more than 80 organizations — mostly in the United States — by leveraging legitimate remote monitoring and management software to maintain persistent access to infected systems, active since at least April 2025.