SECURITYTHE HACKER NEWS
Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer
Attackers are exploiting a critical authentication bypass vulnerability (CVE-2026-48558) in SimpleHelp to deploy two new malware families, TaskWeaver and Djinn Stealer. The vulnerability impacts the OpenID Connect (OIDC) flow, allowing unauthenticated access.
Mentioned
Related Signal
Adjacent reporting
- The Internet Is Falling Down- CPanel/WHM Authentication Bypass CVE-2026-41940
- PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
- Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
- CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
- LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root