Advertisement

CVE-2026-48558: SimpleHelp OIDC Authentication Bypass & Malware
Threat actors are actively exploiting CVE-2026-48558, a critical SimpleHelp OpenID Connect authentication bypass vulnerability, to deploy TaskWeaver and Djinn Stealer

Djinn Stealer Targets Cloud & AI Credentials via SimpleHelp CVE-2026-48558
Analysis of Djinn Stealer, an infostealer delivered via critical SimpleHelp CVE-2026-48558, targeting cloud and AI development credentials.
Critical SimpleHelp Vulnerability Exploited for Malware Delivery
A critical vulnerability in SimpleHelp is actively exploited to deploy malware, targeting credentials, SSH keys, and crypto wallets. Immediate patching is essential.
CVE-2023-6110: Rogue Account Creation in SimpleHelp — Patch Now
Attackers can exploit an OIDC implementation flaw in SimpleHelp servers to create unauthorized technician accounts. Immediate update to 5.2.24 is required.

VENOMOUS#HELPER Phishing Campaign Exploits SimpleHelp and ScreenConnect
VENOMOUS#HELPER phishing campaign targets over 80 organizations using SimpleHelp and ScreenConnect RMM tools for persistent unauthorized remote access.

CISA KEV Catalog Adds Exploited Samsung and SimpleHelp Vulnerabilities
CISA adds four exploited flaws in SimpleHelp, Samsung MagicINFO 9, and D-Link routers to its KEV catalog, mandating remediation by May 2026.