Dossier
TaskWeaver
Coverage of TaskWeaver in the Nexus archive.
- Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer
Attackers are exploiting a critical authentication bypass vulnerability (CVE-2026-48558) in SimpleHelp to deploy two new malware families, TaskWeaver and Djinn Stealer. The vulnerability impacts the OpenID Connect (OIDC) flow, allowing unauthenticated access.