Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

By Ravie Lakshmanan, The Hacker News. Published June 30, 2026 (2026-06-30T11:18:47+00:00). Section: AI Security / Vulnerability.
Source: https://thehackernews.com/2026/06/attackers-exploit-simplehelp-cve-2026.html

An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn Stealer.

The intrusion involves the exploitation of CVE-2026-48558 (CVSS score: 10.0), a critical authentication bypass vulnerability in the OpenID Connect (OIDC) flow that an unauthenticated attacker could exploit to obtain a fully authenticated "Technician" session by submitting a forged token containing arbitrary identity claims.

"TaskWeaver is a heavily obfuscated Node.js loader, delivered as jquery.js and executed through node.exe, that implements an encrypted, reusable payload delivery channel rather than a fixed set of post-exploitation commands," Blackpoint Cyber said in an analysis. "The observed second stage payload, Djinn Stealer, targets Windows, macOS, and Linux systems."

Djinn Stealer is designed to harvest credentials associated with cloud platforms, source control, package registries, infrastructure tooling, AI development assistants, browsers, SSH, and cryptocurrency wallets.

Details of CVE-2026-48558 emerged earlier this month when Horizon3.ai, which discovered the flaw, said it affects servers configured to use either generic OIDC or Azure AD OIDC and that it stems from the manner in which SimpleHelp validates the IdP assertions.

"In many SimpleHelp deployments that have OIDC-type authentication enabled, an unauthenticated attacker can create and authenticate as a new 'Technician' user," Horizon3.ai security researcher Zach Hanley said. "This Technician, by default, can perform privileged management activities such as remoting into managed endpoints, executing scripts, and more."

"Even when the SimpleHelp server is configured to enforce MFA for technicians, this issue allows the attacker to bypass this mechanism because on first login, technicians can self-register their own MFA method."

In the attack chain documented by Blackpoint Cyber, successful exploitation of the flaw in the Remote Monitoring and Management (RMM) software is said to have enabled the threat actor to obtain an authenticated "Technician" session on a publicly accessible server, which was then abused to deploy TaskWeaver and Djinn Stealer.

"The compromised RMM platform provided the operator with a trusted administrative channel capable of transferring files and executing commands on systems managed through the server," researchers Nevan Beal and Sam Decker said.

TaskWeaver is a modular Node.js loader capable of fingerprinting the system, establishing encrypted communications with a remote server ("a.dev-tunnels[.]com"), and retrieving and executing additional JavaScript payloads with elevated access to the Node.js runtime. The final stage is an information stealer engineered to siphon valuable data from compromised Windows, macOS, or Linux hosts.

The breadth of the information targeted by the stealer is as follows:

- Credentials, history, and bookmarks stored in web browsers
- Configuration and authentication data associated with AWS, Azure, Google Cloud, Oracle Cloud Infrastructure, Okta, Cloudflare, DigitalOcean, Linode, Heroku, Vercel, Railway, Supabase, Pulumi, Terraform, HashiCorp Vault, and Consul
- GitHub CLI data
- Git configuration
- SSH keys
- Docker authentication
- Helm registry information
- S3 and MinIO client configurations
- Subversion credentials
- Credentials for npm, pnpm, Yarn, NuGet, Cargo, Composer, Maven, Gradle, pip, PyPI, Conda, Bun, Ivy, and Scala Build Tool
- Configuration, authentication, session, and project data associated with Anthropic Claude, Google Gemini, OpenAI Codex, Cline, OpenCode, and Kilo
- Cryptocurrency wallets and keystores associated with Bitcoin, Litecoin, Dogecoin, Dash, Ethereum, Monero, Zcash, Exodus, Atomic Wallet, and Electrum

On Linux systems, the malware also attempts to read the "/proc/<pid>/cmdline" and "/proc/<pid>/environ" virtual files, which expose a running process's command-line arguments and environment variables and therefore frequently contain passwords, API keys, access tokens, database connection strings, and other sensitive values passed to the process that way.

Once the information is collected, it is packed into a TAR archive, compressed with GZIP, encrypted using an AES-256-GCM key that is itself protected by an RSA-2048 public key embedded in TaskWeaver, and exfiltrated to attacker-controlled infrastructure ("96.126.130[.]126:58942").

The campaign illustrates how threat actors are increasingly going after artificial intelligence (AI)-powered platforms as the technology gets embedded across enterprise workflows: the configuration, session, and authentication data the assistants store on a workstation lets an attacker abuse the assistants' privileges to reach sensitive data.

"A single authentication bypass became a pathway into everything the managed systems could reach, from cloud platforms and code repositories to AI tools, cryptocurrency wallets, and customer infrastructure," the researchers said. "Credentials accessible from a developer or administrator workstation may provide entry into production infrastructure, build pipelines, source code repositories, deployment platforms, cloud tenants, and customer environments long after the original endpoint has been contained."

The active exploitation of CVE-2026-48558 has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to the Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by July 2, 2026.

Tags: AI Security, Authentication bypass, CISA, Credential Theft, Djinn Stealer, Node.js, OpenID Connect, RMM, SimpleHelp, TaskWeaver. Filed under: Vulnerabilities (also Supply Chain, Malware, Threat Intelligence).

Indicators referenced in this article:
- CVE-2026-48558: critical authentication bypass vulnerability in SimpleHelp's OIDC flow
- a.dev-tunnels[.]com: remote server used by TaskWeaver for encrypted payload delivery
- 96.126.130[.]126:58942: attacker-controlled exfiltration endpoint for Djinn Stealer's encrypted archive