Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information stealer targeting Windows, macOS, and Linux.

The SimpleHelp platform is primarily used by managed service providers (MSPs), IT departments, helpdesks, and system administrators for remote monitoring and management (RMM).

Earlier this month, offensive security company Horizon3.ai published details about CVE-2026-48558, saying that the flaw could be leveraged to create highly privileged technician accounts without authentication. Exploiting the vulnerability is possible on servers using the OpenID Connect (OIDC) authentication protocol. According to the researchers, around 1,000 SimpleHelp servers exposed online were running a vulnerable configuration at the time of the disclosure.

In an incident investigated by managed detection and response (MDR) provider Blackpoint, a threat actor exploited the critical authentication bypass vulnerability to establish an authenticated technician session on an internet-facing SimpleHelp server before deploying the TaskWeaver malware loader and the Djinn Stealer. Based on the findings from the Adversary Pursuit Group (APG), the company's threat intelligence and research team, both pieces of malware are new and have not been documented before.

The compromised RMM platform provided the operator with a trusted administrative channel capable of transferring files and executing commands on systems managed through the server.

The investigation revealed that TaskWeaver was downloaded in the form of an obfuscated JavaScript file named 'jquery.js' from a temporary Cloudflare domain. TaskWeaver is a generic malware loader that fingerprints the compromised device and communicates with the command-and-control (C2) infrastructure to receive new JavaScript modules for execution.
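The loader delivery described above (a library-named JavaScript file fetched from a temporary Cloudflare domain, followed by C2 traffic to the same host) is the kind of pattern a web proxy log can surface. The following detector is an added example and is not code from Blackpoint, Horizon3.ai, or SimpleHelp. The log line format, the tunnel domain suffix (trycloudflare.com) and the library file names are assumptions; the sample log lines are constructed.

```python
"""Flag library-named JavaScript downloads from temporary tunnel hosts in proxy logs.

Added example, not part of the original report. It pairs two weak signals into
one alert: a script with a well-known library name (for example 'jquery.js')
served from a short-lived tunnel hostname, and any follow-on requests from the
same client to that host, which is how a loader would reach its C2.
"""
import re
from urllib.parse import urlsplit

# Assumption: hostname suffixes of temporary tunnel services to treat as untrusted hosting.
TUNNEL_SUFFIXES = (".trycloudflare.com",)

# Assumption: common library names an intruder might reuse to blend in with normal traffic.
LIBRARY_NAMES = {"jquery.js", "jquery.min.js", "bootstrap.js", "react.js"}

# Assumption: one request per line, "<timestamp> <client-ip> <method> <url> <status>".
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$"
)


def is_tunnel_host(host):
    """True when the host is a tunnel service root or a name under one."""
    host = host.lower().rstrip(".")
    return any(host == s[1:] or host.endswith(s) for s in TUNNEL_SUFFIXES)


def parse(line):
    """Split one log line into its fields, or return None if it does not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    parts = urlsplit(m.group("url"))
    return {
        "time": m.group("ts"),
        "client": m.group("client"),
        "method": m.group("method"),
        "host": (parts.hostname or "").lower(),
        "file": parts.path.rsplit("/", 1)[-1].lower(),
    }


def scan(lines):
    """Return findings for suspicious script fetches and the traffic that follows them."""
    findings = []
    loader_pairs = set()  # (client, host) pairs that already fetched a suspicious script
    for line in lines:
        r = parse(line)
        if not r:
            continue
        key = (r["client"], r["host"])
        if is_tunnel_host(r["host"]) and r["file"] in LIBRARY_NAMES:
            loader_pairs.add(key)
            findings.append({**r, "reason": "library-named script fetched from temporary tunnel host"})
        elif key in loader_pairs:
            findings.append({**r, "reason": "follow-on traffic to host that served the script"})
    return findings


# Constructed sample log; hostnames, addresses and timestamps are invented.
SAMPLE_LOG = """\
2026-05-02T10:14:03Z 10.0.0.15 GET https://code.jquery.com/jquery-3.7.1.min.js 200
2026-05-02T10:15:41Z 10.0.0.15 GET https://random-words-example.trycloudflare.com/jquery.js 200
2026-05-02T10:16:02Z 10.0.0.22 GET https://cdn.example.org/app/bundle.js 200
2026-05-02T10:17:20Z 10.0.0.15 POST https://random-words-example.trycloudflare.com/api/report 200
"""

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG.splitlines()):
        print(finding)
```

Run against the constructed sample, the first line (the real jQuery CDN) and the third (an ordinary bundle) are ignored; the tunnel-hosted `jquery.js` is flagged, and the later POST from the same client to the same host is flagged as follow-on traffic. Either signal alone is common benign traffic, which is why the detector requires both before it alerts on the download.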
The loader then installs Djinn Stealer to collect, in a single pass, all the sensitive data it can find on a developer's machine, whether Windows, macOS, or Linux. Djinn Stealer has a particular focus on AI development tools, but targets a broad collection of developer and infrastructure credentials:

- Cloud provider credentials, identity services, deployment platforms, and cloud management tools.
- Git configuration, GitHub CLI, SSH keys, Docker credentials, Helm, infrastructure-as-code tools (Terraform, Pulumi), secrets management solutions (HashiCorp Vault), and package manager credentials.
- Authentication data for package registries and build tools (npm, Yarn, pnpm, Cargo, Maven, Gradle, pip, NuGet), potentially enabling access to private packages or malicious package publication.
- Local configuration files, authentication tokens, session data, and Model Context Protocol (MCP) configuration for AI coding assistants (Claude, Gemini, Codex, Cline, OpenCode, and Kilo).
- Cryptocurrency wallets and keystores associated with multiple desktop cryptocurrency clients (Bitcoin, Litecoin, Dogecoin, Dash, Ethereum, Monero, Zcash, Exodus, Atomic Wallet, and Electrum).
- Browser data, shell history, SSH configuration, PGP keys, database client configuration, operating system information, and other user files.

On Linux, the malware also attempts to read the /proc/<pid>/cmdline and /proc/<pid>/environ virtual files that contain information about a running process, including secrets (e.g., API keys, credentials, session tokens, file paths).
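The categories above map to a fairly fixed set of files in a developer's home directory, which makes the exposure easy to inventory before an incident. The audit script below is an added example and is not code from the report or from any of the tools named; it lists which of those files exist under a home directory and whether their permission bits let other local users read them. The paths are the tools' common default locations and are assumptions (verify them against your own tool versions); the demo home directory and its contents are constructed.

```python
"""Inventory secret-bearing developer files and their permissions.

Added example, not part of the original report. Permission bits are only
meaningful on Unix-like systems; on Windows, treat the existence list alone
as the result.
"""
import stat
import tempfile
from pathlib import Path

# Category -> paths relative to $HOME. Assumed default locations, not taken from the malware.
CANDIDATES = {
    "cloud": [".aws/credentials", ".config/gcloud/credentials.db", ".kube/config"],
    "git/ssh": [".gitconfig", ".git-credentials", ".config/gh/hosts.yml",
                ".ssh/id_rsa", ".ssh/id_ed25519", ".ssh/config"],
    "containers/iac": [".docker/config.json", ".config/helm/repositories.yaml",
                       ".terraform.d/credentials.tfrc.json", ".pulumi/credentials.json",
                       ".vault-token"],
    "package managers": [".npmrc", ".yarnrc", ".cargo/credentials.toml", ".m2/settings.xml",
                         ".gradle/gradle.properties", ".pypirc", ".nuget/NuGet/NuGet.Config"],
    "ai assistants": [".claude.json", ".codex/auth.json", ".gemini/settings.json",
                      ".config/opencode/config.json"],
    "misc": [".bash_history", ".zsh_history", ".gnupg/private-keys-v1.d"],
}


def audit(home):
    """Return one record per candidate path that exists under `home`."""
    home = Path(home)
    findings = []
    for category, rel_paths in CANDIDATES.items():
        for rel in rel_paths:
            p = home / rel
            if not p.exists():
                continue
            mode = stat.S_IMODE(p.stat().st_mode)
            findings.append({
                "category": category,
                "rel": rel,
                "path": str(p),
                "mode": oct(mode),
                # Group- or world-readable secrets are readable by any local account.
                "readable_by_others": bool(mode & (stat.S_IRGRP | stat.S_IROTH)),
            })
    return findings


def build_demo_home():
    """Create a throwaway home directory holding constructed placeholder secrets."""
    home = Path(tempfile.mkdtemp(prefix="secret-audit-demo-"))
    (home / ".ssh").mkdir()
    key = home / ".ssh" / "id_ed25519"
    key.write_text("-----BEGIN OPENSSH PRIVATE KEY-----\n(constructed placeholder)\n")
    key.chmod(0o600)  # owner-only: present but not exposed to other users
    npmrc = home / ".npmrc"
    npmrc.write_text("//registry.npmjs.org/:_authToken=npm_PLACEHOLDER_TOKEN\n")
    npmrc.chmod(0o644)  # world-readable registry token: a finding
    (home / ".docker").mkdir()
    docker = home / ".docker" / "config.json"
    docker.write_text('{"auths": {"registry.example.invalid": {"auth": "PLACEHOLDER"}}}\n')
    docker.chmod(0o644)  # world-readable registry credentials: a finding
    return home


if __name__ == "__main__":
    for f in audit(build_demo_home()):
        flag = "EXPOSED" if f["readable_by_others"] else "ok"
        print(f"{flag:8} {f['mode']} {f['category']:18} {f['path']}")
```

Point `audit()` at a real home directory to get the same listing for a workstation. The output is a starting point for two defensive actions: tightening permissions on anything marked exposed, and rotating whichever of the listed tokens would need to be revoked if a stealer had run on that host.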
| Vendor | Product | Versions |
|---|---|---|
| simplehelp | simplehelp | 5.5.0, 6.0 |
Updated description with detailed information about the exploitation of the vulnerability to deploy Djinn Stealer and TaskWeaver malware, and added new tags related to the malware.
Updated description with detailed technical information, changed severity to CRITICAL, marked exploit as available and actively exploited, and added indicators of compromise.
Updated severity to CRITICAL, added CVE-2026-48558, and included new indicators of compromise.
Updated severity to CRITICAL, added detailed description, and confirmed CVSS score remains 10.0.
Initial creation