Attackers are exploiting the CVE-2026-48558 authentication bypass vulnerability in SimpleHelp RMM to deploy Djinn Stealer, a sophisticated malware targeting sensitive data across Windows, macOS, and Linux systems. This credential-harvesting campaign leverages trusted support sessions to steal information from cloud platforms, development tools, and cryptocurrency wallets.
Edward Kiledjian
@ekiledjian