#2
The Hacker News
general
June 30, 2026 at 11:18 UTC
Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer
By [email protected] (The Hacker News)
AI Summary
An unknown threat actor is exploiting CVE-2026-48558 (CVSS 10.0), a critical authentication bypass in SimpleHelp's OIDC flow, to deploy two previously undocumented malware families: TaskWeaver and the Djinn Stealer, which targets cloud, AI, SSH keys, and cryptocurrency wallet credentials. The CVSS-perfect score and focus on developer/admin credential theft make this a high-priority patch for any organization running SimpleHelp remote access software.
Relevance score: 86.0/100
Sponsored
Protect Your Business
Expert cybersecurity solutions to safeguard your organization from evolving threats.
Get Protected →