Back to Feed
MalwareJun 29, 2026

'Djinn' Stealer Targets Cloud, AI Credentials

'Djinn' infostealer exploits SimpleHelp auth bypass to steal cloud and AI credentials.

Summary

The 'Djinn' infostealer malware is being delivered through CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp. The attack targets cloud and AI service credentials, specifically those linking development and admin environments to broader enterprise systems, potentially enabling lateral movement and unauthorized access to critical infrastructure.

Indicators of Compromise

  • malware — Djinn
  • cve — CVE-2026-48558

Entities

SimpleHelp (product)Cloud credentials (technology)AI credentials (technology)