
Unidentified Threat Actor Exploits Critical SimpleHelp Vulnerability to Deploy New Malware Families
An unidentified threat actor has exploited CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp with a CVSS score of 10.0, to deploy two previously unreported malware families: TaskWeaver and Djinn Stealer. The flaw affects the OpenID Connect (OIDC) flow, allowing unauthenticated attackers to compromise systems. No specific timeline or geographic targeting was disclosed for the observed intrusion. The exact functionality of the two malware families remains unconfirmed. SimpleHelp’s software is the primary target, and no additional affected products were mentioned.