SimpleHelp
Coverage of SimpleHelp in the Nexus archive.
- Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer
Attackers are exploiting a critical authentication bypass vulnerability (CVE-2026-48558) in SimpleHelp to deploy two new malware families, TaskWeaver and Djinn Stealer. The vulnerability impacts the OpenID Connect (OIDC) flow, allowing unauthenticated access.
- SimpleHelp bug lets hackers create rogue remote support accounts
A vulnerability in SimpleHelp's remote management software allows unauthenticated attackers to create privileged technician accounts via the OpenID Connect (OIDC) protocol. This security flaw enables unauthorized access to servers by hackers.
- CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
CISA added four actively exploited vulnerabilities to its KEV catalog, affecting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X routers, with a federal remediation deadline set for May 2026. One vulnerability, CVE-2024-57726, has a critical CVSS score of 9.9 due to a missing authorization flaw.