SimpleHelp Authentication Bypass Exploited to Deploy TaskWeaver and Djinn Stealer


Attackers are exploiting a critical SimpleHelp authentication bypass vulnerability to break into exposed remote monitoring and management servers and deploy malware on managed systems.

The flaw is tracked as CVE-2026-48558. It affects the OpenID Connect authentication flow in vulnerable SimpleHelp deployments and can allow a remote attacker to obtain a fully authenticated technician session without valid credentials.

Researchers at Blackpoint Cyber said they observed attackers using the flaw to deploy two previously undocumented malware families: TaskWeaver, a Node.js-based loader, and Djinn Stealer, a cross-platform information stealer.

SimpleHelp flaw gives attackers trusted remote access

SimpleHelp is used by IT teams, managed service providers, and help desks to access, support, and manage remote systems. That makes a compromised SimpleHelp server especially dangerous because attackers can abuse legitimate administration features instead of relying only on separate malware tools.

The SimpleHelp security notice says servers running version 5.5.15 and earlier may be exposed under specific conditions, depending on settings and network context. The company said not all servers can be exploited, but it urged customers to update as soon as possible.

According to the Horizon3.ai disclosure, the vulnerability affects SimpleHelp servers that use OIDC authentication. In vulnerable configurations, an unauthenticated attacker can create and authenticate as a new technician user.

What CVE-2026-48558 does

The vulnerability exists because SimpleHelp accepts OIDC identity tokens without properly verifying their cryptographic signature. That allows an attacker to submit a forged token with arbitrary identity claims.

The NVD record says a successful attacker can obtain a technician session, and in some configurations, the issue may also bypass multi-factor authentication. No user interaction is required.

In practical terms, this can give attackers access to the same kind of trusted remote-control path normally used by support staff. They can transfer files, execute commands, and reach managed endpoints through the compromised server.
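As an added illustration (not SimpleHelp's code or anything from the disclosures), the weak pattern the advisory describes beside its hardened form: one function trusts whatever claims the token decodes to, the other pins the algorithm and checks signature, issuer, audience and expiry before returning an identity. It assumes an HS256 shared secret and the issuer and audience names shown, stand-ins for a real provider's RS256 keys fetched from its JWKS endpoint.

```python
import base64, hashlib, hmac, json, time
from typing import Optional

# Constructed demo values, not SimpleHelp's real configuration: an HS256 shared
# secret stands in for the provider's RS256 public key so this runs with stdlib only.
SECRET = b"demo-oidc-shared-secret"
EXPECTED_ISSUER = "https://idp.example.test"
EXPECTED_AUDIENCE = "simplehelp-demo-client"

def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mint_token(claims: dict, alg: str = "HS256", key: bytes = SECRET) -> str:
    """Test helper: build a token; alg='none' yields an unsigned token."""
    header = _b64url(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest() if alg == "HS256" else b""
    return f"{header}.{body}.{_b64url(sig)}"

def weak_identity(token: str) -> str:
    """Vulnerable pattern: base64-decode the payload and trust its claims."""
    claims = json.loads(_b64url_decode(token.split(".")[1]))
    return claims["sub"]

def verified_identity(token: str, now: Optional[float] = None) -> Optional[str]:
    """Hardened pattern: pin alg, verify signature, then check iss, aud and exp."""
    now = time.time() if now is None else now
    try:
        h64, b64, s64 = token.split(".")
        header = json.loads(_b64url_decode(h64))
        claims = json.loads(_b64url_decode(b64))
    except ValueError:  # covers malformed base64, bad UTF-8 and bad JSON
        return None
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return None
    if header.get("alg") != "HS256":  # rejects alg=none and algorithm confusion
        return None
    expected = hmac.new(SECRET, f"{h64}.{b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s64)):
        return None
    if claims.get("iss") != EXPECTED_ISSUER or claims.get("aud") != EXPECTED_AUDIENCE:
        return None
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return None
    return claims.get("sub")
```

The same sequence of checks applies with RS256: resolve the key by the header's `kid` from the issuer's JWKS, verify the signature, and only then read claims.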

Item | Verified detail
--- | ---
Vulnerability | CVE-2026-48558
Product | SimpleHelp Remote Monitoring and Management software
Affected versions | SimpleHelp 5.5.15 and earlier, plus 6.0 pre-release versions
Required condition | OIDC authentication must be configured
Fixed versions | SimpleHelp 5.5.16 and SimpleHelp 6.0 RC2
Observed malware | TaskWeaver loader and Djinn Stealer

TaskWeaver hides behind a fake jquery.js file

In the observed intrusion, attackers used SimpleHelp's remote-management functions to retrieve and run a JavaScript file named jquery.js. The filename was chosen to look harmless, but the file was not the legitimate jQuery library.

The Blackpoint report says TaskWeaver is a heavily obfuscated Node.js loader. It runs through node.exe and gives attackers a reusable delivery channel for additional JavaScript payloads.

Figure: Node.js runtime being dropped, then used to download and run TaskWeaver

TaskWeaver does not work like a simple one-purpose malware file. It fingerprints the infected system, communicates with attacker-controlled infrastructure, and retrieves follow-on code. That makes it flexible enough for attackers to adapt the intrusion after the first stage succeeds.

Djinn Stealer targets cloud, developer, and AI credentials

Blackpoint's researchers recovered Djinn Stealer as the second-stage payload. The stealer targets Windows, macOS, and Linux systems, which makes it useful against developers, administrators, and mixed enterprise environments.

Djinn Stealer is designed to collect a wide range of sensitive data. That includes cloud credentials, source-control tokens, SSH keys, package registry credentials, browser data, cryptocurrency wallets, and credentials tied to AI development tools.

This raises the risk beyond the initially compromised machine. A stolen cloud key, GitHub token, package publishing credential, or AI tool token can allow attackers to return through trusted services even after the original endpoint has been isolated.

  • Cloud credentials for AWS, Azure, Google Cloud, and other platforms
  • Source-control data, including GitHub CLI data and Git configuration
  • Package registry credentials for developer ecosystems
  • Infrastructure secrets, SSH keys, Docker credentials, and Terraform data
  • Browser data, saved sessions, shell history, and local configuration files
  • Cryptocurrency wallet data and AI development assistant credentials

CISA confirms active exploitation

CISA has added the SimpleHelp flaw to its Known Exploited Vulnerabilities catalog, which means the agency has evidence that attackers are exploiting it in real-world attacks.

The move increases the urgency for defenders because SimpleHelp sits in a privileged position. A vulnerable RMM server can give attackers reach across multiple machines, users, and customer environments, especially in MSP deployments.

SimpleHelp customers should install the fixed builds listed on the SimpleHelp update page. Teams should also review technician accounts, OIDC settings, server logs, file-transfer records, and command-execution history for signs of unauthorized access.

Indicator type | Indicator
--- | ---
TaskWeaver filename | jquery.js
TaskWeaver SHA-256 | 00cc86d1144020c24c8fbb3a8dc6b908926497ebd23be3bf854360f93d1c8f4c
Djinn Stealer filename | upload
Djinn Stealer SHA-256 | f4a72600a3735c2a4d843875ea61bbb6f935a1af51a81f2fbc992ce11ba94afc
Loader staging | *.trycloudflare[.]com
TaskWeaver C2 | a[.]dev-tunnels[.]com
Djinn exfiltration | 96[.]126[.]130[.]126:58942
Suspicious execution | node.exe <path>\jquery.js

What security teams should do now

Organizations should treat this as both a vulnerability response and a credential-exposure incident. Patching closes the known entry point, but it does not automatically invalidate secrets that may already have been stolen.

Figure: Djinn Stealer collection rules for AI development tools

The Horizon3.ai advisory recommends checking SimpleHelp technicians for unfamiliar accounts and reviewing server logs for suspicious technician registrations or configuration changes.

Security teams should also rotate credentials that may have been accessible from affected systems. This includes cloud keys, source-control tokens, SSH keys, registry credentials, AI tool tokens, browser sessions, and other developer or administrator secrets.

  • Upgrade SimpleHelp to version 5.5.16 or 6.0 RC2.
  • Restrict technician login access by IP address or trusted network path.
  • Remove exposed SimpleHelp servers from direct internet access where possible.
  • Review technician accounts and OIDC configuration changes.
  • Investigate node.exe launching jquery.js or scripts from unusual folders.
  • Rotate secrets found on systems managed through the affected SimpleHelp server.
  • Monitor for trycloudflare and dev-tunnels lookalike traffic.
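The two hunting items above (node.exe launching jquery.js or scripts from unusual folders, and lookups to trycloudflare / dev-tunnels domains) as detection logic run over constructed endpoint telemetry. This is an added example, not a Blackpoint or Horizon3.ai rule; the sample events, the list of "unusual" folders and the hit labels are assumptions to tune for your own estate.

```python
import re
from pathlib import PureWindowsPath
from typing import List, Optional, Tuple

# Constructed sample telemetry (not from the published reports): process-creation
# and DNS-query events as an EDR or Sysmon pipeline might emit them.
PROCESS_EVENTS = [
    {"host": "WS01", "image": r"C:\Program Files\nodejs\node.exe", "cmdline": r"node.exe C:\Users\Public\jquery.js"},
    {"host": "WS02", "image": r"C:\Users\bob\AppData\Local\Temp\node.exe", "cmdline": r"node.exe C:\Users\bob\AppData\Local\Temp\jquery.js"},
    {"host": "SRV04", "image": r"C:\ProgramData\nodejs\node.exe", "cmdline": r"node.exe C:\ProgramData\cache\update.js"},
    {"host": "DEV03", "image": r"C:\Program Files\nodejs\node.exe", "cmdline": r"node.exe C:\src\app\server.js"},
]
DNS_EVENTS = [
    {"host": "WS01", "query": "quiet-river-abc.trycloudflare.com"},
    {"host": "WS02", "query": "a.dev-tunnels.com"},
    {"host": "DEV03", "query": "cdn.example.test"},
]

# Script name from the published indicators; the folder list is an assumption
# about where node.exe should not be launching scripts in this environment.
SUSPECT_SCRIPT = re.compile(r"[\\/]jquery\.js(\s|$)", re.IGNORECASE)
UNUSUAL_DIRS = ("\\users\\public\\", "\\appdata\\local\\temp\\", "\\programdata\\", "\\windows\\temp\\")
TUNNEL_DOMAINS = re.compile(r"(^|\.)(trycloudflare\.com|dev-tunnels\.com)$", re.IGNORECASE)

def flag_process(event: dict) -> Optional[str]:
    """Return a hit label when node.exe runs the TaskWeaver script or an odd path."""
    if PureWindowsPath(event["image"]).name.lower() != "node.exe":
        return None
    cmd = event["cmdline"].lower()
    if SUSPECT_SCRIPT.search(cmd):
        return "node.exe launched jquery.js (TaskWeaver pattern)"
    if any(d in cmd for d in UNUSUAL_DIRS):
        return "node.exe running a script from an unusual folder"
    return None

def flag_dns(event: dict) -> Optional[str]:
    """Return a hit label for the tunnel-service domains used for staging and C2."""
    if TUNNEL_DOMAINS.search(event["query"]):
        return "query to tunnel-service domain seen in TaskWeaver/Djinn staging"
    return None

def hunt(process_events: list, dns_events: list) -> List[Tuple[str, str]]:
    """Run both rules and return (host, reason) pairs for every hit."""
    hits = [(e["host"], r) for e in process_events if (r := flag_process(e))]
    hits += [(e["host"], r) for e in dns_events if (r := flag_dns(e))]
    return hits
```

Any host that hits both rules is a strong candidate for the full credential-rotation work described below, not just isolation.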

Why MSPs face a larger risk

Managed service providers should move especially fast because a single exposed RMM platform can provide access to many downstream customer systems. Attackers often target these tools because they already have the permissions and network reach needed for large-scale movement.

The addition to CISA's Known Exploited Vulnerabilities catalog should push organizations to verify their exposure immediately, not only during the next scheduled patch cycle.

The main lesson is clear. Remote-management tools need the same protection as domain controllers, identity providers, and cloud administration consoles. Once attackers get trusted technician access, the breach can quickly move from one vulnerable server to credentials, code repositories, cloud systems, and customer environments.

FAQ

What is CVE-2026-48558?

CVE-2026-48558 is a critical authentication bypass vulnerability in SimpleHelp. It affects the OpenID Connect authentication flow and can allow a remote attacker to obtain a technician session in vulnerable configurations.

Which SimpleHelp versions are affected?

The vulnerability affects SimpleHelp 5.5.15 and earlier, along with SimpleHelp 6.0 pre-release versions. SimpleHelp has released fixes in version 5.5.16 and 6.0 RC2.

Are all SimpleHelp servers vulnerable?

No. The vulnerable path depends on specific conditions, including OIDC authentication being configured. However, exposed SimpleHelp servers should still be checked and updated immediately.

What are TaskWeaver and Djinn Stealer?

TaskWeaver is a Node.js-based loader used to deliver additional payloads. Djinn Stealer is a cross-platform information stealer that targets cloud credentials, developer tokens, SSH keys, browser data, crypto wallets, and AI tool credentials.

What should administrators do now?

Administrators should update SimpleHelp, restrict technician access, review OIDC settings and technician accounts, examine logs for suspicious activity, and rotate credentials that may have been exposed from managed systems.
