Dossier
CVE-2026-48558
Coverage of CVE-2026-48558 in the Nexus archive.
- Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer
Attackers are exploiting a critical authentication bypass vulnerability (CVE-2026-48558) in SimpleHelp to deploy two new malware families, TaskWeaver and Djinn Stealer. The vulnerability impacts the OpenID Connect (OIDC) flow, allowing unauthenticated access.