The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.

Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information…

The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.

A threat actor has been exploiting CVE-2026-48558, a critical SimpleHelp vulnerability, to drop TaskWeaver and Djinn Stealer malware.

Attackers exploited SimpleHelp CVE-2026-48558 to deliver TaskWeaver and Djinn Stealer, targeting credentials across cloud, code, AI, and wallet tools.