SimpleHelp Authentication Bypass Exploited to Deploy TaskWeaver and Djinn Stealer
Attackers are exploiting a critical SimpleHelp authentication bypass vulnerability to break into exposed remote monitoring and management servers and deploy malware on managed systems.
The flaw is tracked as CVE-2026-48558. It affects the OpenID Connect authentication flow in vulnerable SimpleHelp deployments and can allow a remote attacker to obtain a fully authenticated technician session without valid credentials.
Researchers at Blackpoint Cyber said they observed attackers using the flaw to deploy two previously undocumented malware families: TaskWeaver, a Node.js-based loader, and Djinn Stealer, a cross-platform information stealer.
SimpleHelp flaw gives attackers trusted remote access
SimpleHelp is used by IT teams, managed service providers, and help desks to access, support, and manage remote systems. That makes a compromised SimpleHelp server especially dangerous because attackers can abuse legitimate administration features instead of relying only on separate malware tools.
The SimpleHelp security notice says servers running version 5.5.15 and earlier may be exposed under specific conditions, depending on settings and network context. The company said not all servers can be exploited, but it urged customers to update as soon as possible.
According to the Horizon3.ai disclosure, the vulnerability affects SimpleHelp servers that use OIDC authentication. In vulnerable configurations, an unauthenticated attacker can create and authenticate as a new technician user.
What CVE-2026-48558 does
The vulnerability exists because SimpleHelp accepts OIDC identity tokens without properly verifying their cryptographic signature. That allows an attacker to submit a forged token with arbitrary identity claims.
The NVD record says a successful attacker can obtain a technician session, and in some configurations, the issue may also bypass multi-factor authentication. No user interaction is required.
In practical terms, this can give attackers access to the same kind of trusted remote-control path normally used by support staff. They can transfer files, execute commands, and reach managed endpoints through the compromised server.
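The flaw the page describes is the generic one of decoding an ID token and trusting its claims without checking who signed it. As an added illustration, not SimpleHelp's code and not taken from the Horizon3.ai or NVD write-ups, the pair of functions below contrasts that flawed pattern with a verification routine that pins the algorithm and checks signature, issuer, audience and expiry before any claim is used. The issuer, audience, signing secret and technician names are constructed; HS256 with a shared secret stands in for the RS256/JWKS setup a real OIDC provider would use, so the example runs offline.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed relying-party configuration (assumed values, not SimpleHelp's).
# A real OIDC deployment would verify against the provider's JWKS keys;
# a shared HS256 secret is used here only so the example runs offline.
EXPECTED_ISSUER = "https://idp.example.test"
EXPECTED_AUDIENCE = "rmm-server"
PROVIDER_SECRET = b"provider-signing-secret"


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_token(claims: dict, key: bytes, alg: str = "HS256") -> str:
    """Build a JWT; alg='none' yields an unsigned token, as an attacker would submit."""
    header = _b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps(claims).encode())
    if alg == "none":
        return f"{header}.{payload}."
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"


def vulnerable_accept(token: str) -> dict:
    """The flawed pattern: decode the payload and trust its claims as-is."""
    _, payload, _ = token.split(".")
    return json.loads(_b64url_decode(payload))


def hardened_accept(token: str, key: bytes, now: Optional[float] = None) -> dict:
    """Verify algorithm, signature, issuer, audience and expiry before trusting claims."""
    now = time.time() if now is None else now
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
    except ValueError:
        raise ValueError("malformed token")
    header = json.loads(_b64url_decode(header_b64))
    # Pin the algorithm server-side; never let the token choose (blocks alg=none).
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    if claims.get("iss") != EXPECTED_ISSUER:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    if EXPECTED_AUDIENCE not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    if claims.get("exp", 0) <= now:
        raise ValueError("expired")
    return claims


def demo() -> dict:
    """Run a provider-signed token and two forged ones through both acceptors."""
    now = 1_700_000_000
    legit = {"iss": EXPECTED_ISSUER, "aud": EXPECTED_AUDIENCE, "sub": "tech-alice", "exp": now + 300}
    # Attacker-minted claims: arbitrary identity, unsigned or signed with the attacker's own key.
    forged = {"iss": EXPECTED_ISSUER, "aud": EXPECTED_AUDIENCE, "sub": "tech-attacker", "exp": now + 300}
    good = make_token(legit, PROVIDER_SECRET)
    unsigned = make_token(forged, b"", alg="none")
    wrong_key = make_token(forged, b"attacker-key")
    results = {
        "vulnerable_unsigned": vulnerable_accept(unsigned)["sub"],
        "vulnerable_wrong_key": vulnerable_accept(wrong_key)["sub"],
        "hardened_good": hardened_accept(good, PROVIDER_SECRET, now)["sub"],
    }
    for name, tok in (("hardened_unsigned", unsigned), ("hardened_wrong_key", wrong_key)):
        try:
            hardened_accept(tok, PROVIDER_SECRET, now)
            results[name] = "accepted"
        except ValueError as err:
            results[name] = f"rejected: {err}"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

Both forged tokens come back from the vulnerable path as a session for "tech-attacker", which is the shape of the outcome the page describes; the hardened path rejects the unsigned token on its algorithm and the attacker-signed one on its signature, and accepts only the provider-signed token. Whether SimpleHelp's actual bug was a missing signature check, an accepted `alg=none`, or something adjacent is not stated beyond the page's summary, so treat this as the class of flaw rather than its exact internals.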
| Item | Verified detail |
|---|---|
| Vulnerability | CVE-2026-48558 |
| Product | SimpleHelp Remote Monitoring and Management software |
| Affected versions | SimpleHelp 5.5.15 and earlier, plus 6.0 pre-release versions |
| Required condition | OIDC authentication must be configured |
| Fixed versions | SimpleHelp 5.5.16 and SimpleHelp 6.0 RC2 |
| Observed malware | TaskWeaver loader and Djinn Stealer |
TaskWeaver hides behind a fake jquery.js file
In the observed intrusion, attackers used SimpleHelp's remote-management functions to retrieve and run a JavaScript file named jquery.js. The filename was chosen to look harmless, but the file was not the legitimate jQuery library.
The Blackpoint report says TaskWeaver is a heavily obfuscated Node.js loader. It runs through node.exe and gives attackers a reusable delivery channel for additional JavaScript payloads.

TaskWeaver is not a single-purpose payload. It fingerprints the infected system, communicates with attacker-controlled infrastructure, and retrieves follow-on code, which lets attackers adapt the intrusion after the first stage succeeds.
Djinn Stealer targets cloud, developer, and AI credentials
Blackpoint's researchers recovered Djinn Stealer as the second-stage payload. The stealer targets Windows, macOS, and Linux systems, which makes it useful against developers, administrators, and mixed enterprise environments.
Djinn Stealer is designed to collect a wide range of sensitive data. That includes cloud credentials, source-control tokens, SSH keys, package registry credentials, browser data, cryptocurrency wallets, and credentials tied to AI development tools.
This raises the risk beyond the initially compromised machine. A stolen cloud key, GitHub token, package publishing credential, or AI tool token can allow attackers to return through trusted services even after the original endpoint has been isolated.
- Cloud credentials for AWS, Azure, Google Cloud, and other platforms
- Source-control data, including GitHub CLI data and Git configuration
- Package registry credentials for developer ecosystems
- Infrastructure secrets, SSH keys, Docker credentials, and Terraform data
- Browser data, saved sessions, shell history, and local configuration files
- Cryptocurrency wallet data and AI development assistant credentials
CISA confirms active exploitation
CISA has added the SimpleHelp flaw to its Known Exploited Vulnerabilities catalog, which means the agency has evidence that attackers are exploiting it in real-world attacks.
The move increases the urgency for defenders because SimpleHelp sits in a privileged position. A vulnerable RMM server can give attackers reach across multiple machines, users, and customer environments, especially in MSP deployments.
SimpleHelp customers should install the fixed builds listed on the SimpleHelp update page. Teams should also review technician accounts, OIDC settings, server logs, file-transfer records, and command-execution history for signs of unauthorized access.
| Indicator type | Indicator |
|---|---|
| TaskWeaver filename | jquery.js |
| TaskWeaver SHA-256 | 00cc86d1144020c24c8fbb3a8dc6b908926497ebd23be3bf854360f93d1c8f4c |
| Djinn Stealer filename | upload |
| Djinn Stealer SHA-256 | f4a72600a3735c2a4d843875ea61bbb6f935a1af51a81f2fbc992ce11ba94afc |
| Loader staging | *.trycloudflare[.]com |
| TaskWeaver C2 | a[.]dev-tunnels[.]com |
| Djinn exfiltration | 96[.]126[.]130[.]126:58942 |
| Suspicious execution | node.exe <path>\jquery.js |
What security teams should do now
Organizations should treat this as both a vulnerability response and a credential-exposure incident. Patching closes the known entry point, but it does not automatically invalidate secrets that may already have been stolen.

The Horizon3.ai advisory recommends checking SimpleHelp technicians for unfamiliar accounts and reviewing server logs for suspicious technician registrations or configuration changes.
Security teams should also rotate credentials that may have been accessible from affected systems. This includes cloud keys, source-control tokens, SSH keys, registry credentials, AI tool tokens, browser sessions, and other developer or administrator secrets.
- Upgrade SimpleHelp to version 5.5.16 or 6.0 RC2.
- Restrict technician login access by IP address or trusted network path.
- Remove exposed SimpleHelp servers from direct internet access where possible.
- Review technician accounts and OIDC configuration changes.
- Investigate node.exe launching jquery.js or scripts from unusual folders.
- Rotate secrets found on systems managed through the affected SimpleHelp server.
- Monitor for traffic to trycloudflare.com and dev-tunnels.com hosts. Both are legitimate tunnelling services, so hits need triage against expected use rather than automatic blocking.
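The indicator table and the two detection items in the checklist above boil down to a handful of matches over process, file, DNS and connection telemetry. As an added example, not from the Blackpoint report or from SimpleHelp, the script below runs those matches over a few constructed events to show what a first triage pass looks like. Host names, paths and the sample events are made up; the hashes, domains and endpoint are the ones in the indicator table, with the defanging brackets removed.

```python
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List

# Indicators from the article's table, defanging brackets removed.
TASKWEAVER_SHA256 = "00cc86d1144020c24c8fbb3a8dc6b908926497ebd23be3bf854360f93d1c8f4c"
DJINN_SHA256 = "f4a72600a3735c2a4d843875ea61bbb6f935a1af51a81f2fbc992ce11ba94afc"
KNOWN_HASHES = {TASKWEAVER_SHA256: "TaskWeaver", DJINN_SHA256: "Djinn Stealer"}
TASKWEAVER_C2 = "a.dev-tunnels.com"
STAGING_SUFFIX = ".trycloudflare.com"
DJINN_EXFIL = ("96.126.130.126", 58942)

# node or node.exe launching any file named jquery.js, the page's
# "node.exe <path>\jquery.js" pattern. Case-insensitive for Windows paths.
NODE_JQUERY_RE = re.compile(r'(?:^|[\\/"\s])node(?:\.exe)?"?\s+.*\bjquery\.js\b', re.IGNORECASE)


@dataclass
class Finding:
    host: str
    rule: str
    detail: str


def check_event(ev: Dict) -> List[Finding]:
    """Map one normalised telemetry event to zero or more indicator hits."""
    host, kind, hits = ev["host"], ev["type"], []
    if kind == "process" and NODE_JQUERY_RE.search(ev["cmdline"]):
        hits.append(Finding(host, "node_jquery_exec", ev["cmdline"]))
    if kind == "file":
        digest = (ev.get("sha256") or "").lower()
        if digest in KNOWN_HASHES:
            hits.append(Finding(host, "known_hash", f'{KNOWN_HASHES[digest]}: {ev["path"]}'))
    if kind == "dns":
        qname = ev["qname"].lower().rstrip(".")
        if qname == TASKWEAVER_C2:
            hits.append(Finding(host, "taskweaver_c2", qname))
        elif qname.endswith(STAGING_SUFFIX):
            # trycloudflare.com is a legitimate service: this is a lead, not a verdict.
            hits.append(Finding(host, "trycloudflare_staging", qname))
    if kind == "netconn" and (ev["dst_ip"], ev["dst_port"]) == DJINN_EXFIL:
        hits.append(Finding(host, "djinn_exfil", f'{ev["dst_ip"]}:{ev["dst_port"]}'))
    return hits


def scan(events: Iterable[Dict]) -> List[Finding]:
    return [hit for ev in events for hit in check_event(ev)]


# Constructed sample telemetry: ws01 shows the full chain, dev02 is benign.
SAMPLE_EVENTS = [
    {"type": "process", "host": "ws01",
     "cmdline": r'"C:\Program Files\nodejs\node.exe" C:\Users\Public\jquery.js'},
    {"type": "process", "host": "dev02",
     "cmdline": r'"C:\Program Files\nodejs\node.exe" C:\repo\app.js'},
    {"type": "file", "host": "ws01", "path": r"C:\Users\Public\upload", "sha256": DJINN_SHA256},
    {"type": "file", "host": "ws01", "path": r"C:\Users\Public\jquery.js", "sha256": TASKWEAVER_SHA256},
    {"type": "dns", "host": "ws01", "qname": "random-words-here.trycloudflare.com"},
    {"type": "dns", "host": "ws01", "qname": "a.dev-tunnels.com"},
    {"type": "dns", "host": "dev02", "qname": "registry.npmjs.org"},
    {"type": "netconn", "host": "ws01", "dst_ip": "96.126.130.126", "dst_port": 58942},
    {"type": "netconn", "host": "dev02", "dst_ip": "96.126.130.126", "dst_port": 443},
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(f"{finding.host}\t{finding.rule}\t{finding.detail}")
```

On the sample data every hit lands on ws01 and dev02 stays clean, which is the point of running the checks per host: a single trycloudflare lookup on a developer box is routine, while a jquery.js launch by node.exe, a known hash, a dev-tunnels query and a connection to the listed exfiltration endpoint on the same machine is the chain the page describes. Exact-match hashes and the C2 hostname will be rotated by the operators, so the process-pattern rule is the one most likely to keep paying off.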
Why MSPs face a larger risk
Managed service providers should move especially fast because a single exposed RMM platform can provide access to many downstream customer systems. Attackers often target these tools because they already have the permissions and network reach needed for large-scale movement.
The addition to CISA's Known Exploited Vulnerabilities catalog should push organizations to verify their exposure immediately, not only during the next scheduled patch cycle.
The main lesson is clear. Remote-management tools need the same protection as domain controllers, identity providers, and cloud administration consoles. Once attackers get trusted technician access, the breach can quickly move from one vulnerable server to credentials, code repositories, cloud systems, and customer environments.
FAQ
What is CVE-2026-48558?
CVE-2026-48558 is a critical authentication bypass vulnerability in SimpleHelp. It affects the OpenID Connect authentication flow and can allow a remote attacker to obtain a technician session in vulnerable configurations.
Which SimpleHelp versions are affected?
The vulnerability affects SimpleHelp 5.5.15 and earlier, along with SimpleHelp 6.0 pre-release versions. SimpleHelp has released fixes in version 5.5.16 and 6.0 RC2.
Is every SimpleHelp server exploitable?
No. The vulnerable path depends on specific conditions, including OIDC authentication being configured. However, exposed SimpleHelp servers should still be checked and updated immediately.
What are TaskWeaver and Djinn Stealer?
TaskWeaver is a Node.js-based loader used to deliver additional payloads. Djinn Stealer is a cross-platform information stealer that targets cloud credentials, developer tokens, SSH keys, browser data, crypto wallets, and AI tool credentials.
What should administrators do?
Administrators should update SimpleHelp, restrict technician access, review OIDC settings and technician accounts, examine logs for suspicious activity, and rotate credentials that may have been exposed from managed systems.