AI synthesis Attackers are exploiting CVE-2026-48558, a critical SimpleHelp authentication bypass, to deploy the new cross-platform Djinn Stealer and TaskWeaver malware.
What changed
Every report remains linked to its original publisher.
Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information stealer targeting Windows, macOS, and Linux. [...]
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp, targeting credentials linking development and admin environments to wider enterprise systems.
CVE-2026-48558: SimpleHelp OIDC Auth Bypass Used to Deploy Infostealer Payloads CVE-2026-48558 is a critical authentication bypass affecting SimpleHelp, a remote support and RMM (remote monitoring and management) platfor
Attackers are exploiting CVE-2026-48558, a recently patched authentication bypass vulnerability in SimpleHelp RMM, to drop the novel Djinn Stealer malware on victim computers. The malware is capable of targeting Windows, macOS, and Linux systems, and “collects credentials asso...
An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn Stealer. The intrusion involves the exploitation of CVE-2026-48558 (CVSS score: 10...