Skip to content
The Nexus
DossierENTITY

SimpleHelp

Coverage of SimpleHelp in the Nexus archive.

Earliest in view: Apr 25 · 05:08 UTCMost recent: Jun 30 · 11:18 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 30 · 11:18 UTCTHE HACKER NEWS
    Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

    Attackers are exploiting a critical authentication bypass vulnerability (CVE-2026-48558) in SimpleHelp to deploy two new malware families, TaskWeaver and Djinn Stealer. The vulnerability impacts the OpenID Connect (OIDC) flow, allowing unauthenticated access.

  • SECURITYJun 15 · 20:06 UTCBLEEPING COMPUTER
    SimpleHelp bug lets hackers create rogue remote support accounts

    A vulnerability in SimpleHelp's remote management software allows unauthenticated attackers to create privileged technician accounts via the OpenID Connect (OIDC) protocol. This security flaw enables unauthorized access to servers by hackers.

  • SECURITYApr 25 · 05:08 UTCTHE HACKER NEWS
    CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline

    CISA added four actively exploited vulnerabilities to its KEV catalog, affecting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X routers, with a federal remediation deadline set for May 2026. One vulnerability, CVE-2024-57726, has a critical CVSS score of 9.9 due to a missing authorization flaw.