The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp, targeting credentials linking development and admin environments to wider enterprise systems. This story comes via www.darkreading.com. The full article is available at the source link below. Frank will update this post as more details emerge. Stay tuned for more coverage on this topic.

Source: https://www.darkreading.com/cyberattacks-data-breaches/djinn-stealer-targets-cloud-ai-credentials