A new infostealer dubbed "Djinn" is being deployed through a critical SimpleHelp vulnerability, targeting the cloud and AI service credentials that increasingly underpin modern business operations. For NZ organisations adopting cloud platforms and AI tooling at pace, this campaign shows how attackers are shifting their focus from domain passwords to the API keys and tokens that unlock developer pipelines, admin consoles, and AI services.
What Happened
Attackers are exploiting CVE-2026-48558, a critical authentication bypass flaw in SimpleHelp remote support software, to deliver the Djinn infostealer. Because SimpleHelp is commonly used by IT teams and MSPs for remote access, a successful exploit gives attackers a privileged foothold on every endpoint that tool manages. And because the activity arrives through a legitimate, trusted remote-support agent, it often does not trigger conventional endpoint alarms.
Once deployed, Djinn is purpose-built to harvest credentials and tokens tied to cloud platforms and AI services: API keys, OAuth tokens, CLI configuration files and profiles, and browser session cookies. This is the material that links developer and admin workstations to wider enterprise systems such as AWS, Azure, GCP, GitHub, and AI service providers.
The targeting is deliberate. Cloud and AI credentials frequently carry broad, long-lived permissions and are often poorly monitored compared to traditional Active Directory accounts. Unlike an interactive login, a static API key or bearer token is not challenged for MFA when it is used: whoever holds it is the user. A stolen developer token can therefore lead directly to source code theft, model poisoning, cryptomining, data exfiltration, or lateral movement into production environments.
This campaign reflects a broader trend: attackers are following the money — and the access — into DevOps pipelines and AI workloads, where a single compromised secret can unlock disproportionate damage.
Key Takeaways
- CVE-2026-48558 in SimpleHelp is being actively exploited to deliver the Djinn infostealer.
- Djinn specifically targets cloud and AI service credentials, including API keys, tokens, and CLI configs.
- Remote support and IT management tools remain high-value entry points for attackers, particularly through MSP supply chains.
- Developer and admin workstations are increasingly the crown jewels: they hold the keys to everything else.
- Long-lived secrets and over-permissioned tokens dramatically widen the blast radius of a single compromise.
- Traditional endpoint controls alone may miss credential theft activity if telemetry isn't correlated across identity and cloud.
What NZ Businesses Should Do
- Patch SimpleHelp immediately against CVE-2026-48558 and confirm the fixed version is actually running, then audit any remote support or RMM tools in use, including those operated by external IT providers or MSPs. Keep their admin interfaces off the public internet (VPN or IP allow-list), and require MFA on all admin access. If an instance was internet-exposed before it was patched, treat it as potentially compromised and review its session and access logs rather than assuming the patch closed the matter.
- Assume any static credential held on a developer or administrator endpoint reached by the exploited tool has been copied: rotate cloud and AI credentials on those endpoints and revoke the old keys, since issuing new ones without revoking the old leaves the stolen copies valid. Check cloud audit logs for use of the old keys from unfamiliar locations. Then shift to short-lived tokens, workload identity federation, and secrets managers rather than static keys stored in local config files.
- Deploy modern endpoint and identity protection across developer and admin workstations. TrendAI Standard Endpoint Protection detects infostealer behaviours, while Trend Vision One™ Identity Security (ISPM + ITDR) surfaces risky tokens, stale privileges, and identity-based attacks before they escalate.
- Govern AI tool access with Trend Vision One™ AI Secure Access to control how staff and developers connect to GenAI and cloud AI services, and reduce shadow AI credential sprawl.
- Unify detection and response using Trend Vision One™ Security Operations (SecOps), XDR with Agentic SIEM and Agentic SOAR, to correlate endpoint, identity, and cloud telemetry. Pair this with Trend Vision One™ Cyber Risk Exposure Management (CREM) to continuously identify exposed remote access tools and over-privileged cloud identities before attackers do.
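Before rotating, it helps to know exactly which static secrets a workstation is holding, because that list is both what Djinn-style stealers harvest (the CLI configs and API keys described above) and the rotation worklist for the step above. The script below is an added example written for this post, not Trend Micro code and not derived from Djinn itself. It walks a home directory for the AWS CLI credentials file, the GitHub CLI hosts.yml and any .env files, and labels each secret as static or temporary. The file layouts it assumes are the current CLI defaults; the AKIA/ASIA prefixes for long-term IAM user keys versus temporary STS keys, and the ghp_/gho_/github_pat_ GitHub token prefixes, are documented formats. All sample files and key values are constructed so that it runs offline.

```python
"""Audit a developer or admin workstation for static cloud and AI credentials
in local CLI config files.  Hypothetical helper written for this post (not
Trend Micro code, not derived from Djinn); sample files are constructed inline.

Assumed file layouts (current CLI defaults):
  .aws/credentials      INI profiles. AKIA* = long-term IAM user key (static);
                        ASIA* plus aws_session_token = temporary STS credential.
  .config/gh/hosts.yml  GitHub CLI. ghp_/gho_/github_pat_ tokens have no expiry
                        unless the PAT was created with one, so treat as static.
  **/.env               KEY=value secrets. A value like ${NAME} is a reference
                        to a secrets manager, not a secret, and is not flagged.
"""
import configparser
import re
import tempfile
from pathlib import Path

AWS_KEY_RE = re.compile(r"^(AKIA|ASIA)[A-Z0-9]{16}$")
GH_TOKEN_RE = re.compile(r"^(ghp_|gho_|github_pat_)[A-Za-z0-9_]+$")
ENV_SECRET_RE = re.compile(
    r"^\s*([A-Z0-9_]*(?:API_KEY|TOKEN|SECRET|PASSWORD)[A-Z0-9_]*)\s*=\s*(\S+)")


def audit_aws_credentials(path):
    """Classify each AWS profile as a static IAM user key or a temporary STS key."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read(path)
    findings = []
    for profile in cp.sections():
        key = cp[profile].get("aws_access_key_id", "")
        if not AWS_KEY_RE.match(key):
            continue  # SSO/role profiles carry no key: nothing on disk to steal
        temporary = key.startswith("ASIA") and bool(cp[profile].get("aws_session_token"))
        findings.append({"file": str(path), "provider": "aws", "name": profile,
                         "kind": "temporary" if temporary else "static"})
    return findings


def audit_gh_hosts(path):
    """gh stores a long-lived OAuth token in hosts.yml when insecure storage is used."""
    findings = []
    for line in path.read_text().splitlines():
        key, _, value = line.strip().partition(":")
        if key == "oauth_token" and GH_TOKEN_RE.match(value.strip()):
            findings.append({"file": str(path), "provider": "github",
                             "name": "oauth_token", "kind": "static"})
    return findings


def audit_env_file(path):
    """Any literal *_API_KEY / *_TOKEN / *_SECRET / *_PASSWORD value is static."""
    findings = []
    for line in path.read_text().splitlines():
        m = ENV_SECRET_RE.match(line)
        if m and not m.group(2).startswith("${"):
            findings.append({"file": str(path), "provider": "env",
                             "name": m.group(1), "kind": "static"})
    return findings


def audit_home(home):
    """Run every handler over a home directory and return the list of findings."""
    home = Path(home)
    findings = []
    for rel, handler in ((".aws/credentials", audit_aws_credentials),
                         (".config/gh/hosts.yml", audit_gh_hosts)):
        if (home / rel).is_file():
            findings.extend(handler(home / rel))
    for env_file in sorted(home.rglob(".env")):
        findings.extend(audit_env_file(env_file))
    return findings


def build_sample_home(home):
    """Constructed sample workstation; every key below is fake."""
    home = Path(home)
    (home / ".aws").mkdir(parents=True)
    (home / ".aws" / "credentials").write_text(
        "[default]\naws_access_key_id = AKIAEXAMPLE000000000\n"
        "aws_secret_access_key = constructed-not-a-real-secret\n\n"
        "[ci-session]\naws_access_key_id = ASIAEXAMPLE000000000\n"
        "aws_secret_access_key = constructed-not-a-real-secret\n"
        "aws_session_token = constructed-session-token\n\n"
        "[sso-admin]\nsso_start_url = https://example.awsapps.com/start\n")
    (home / ".config" / "gh").mkdir(parents=True)
    (home / ".config" / "gh" / "hosts.yml").write_text(
        "github.com:\n    user: alice\n"
        "    oauth_token: gho_CONSTRUCTEDexampletoken0000000000\n"
        "    git_protocol: https\n")
    (home / "projects" / "app").mkdir(parents=True)
    (home / "projects" / "app" / ".env").write_text(
        "OPENAI_API_KEY=sk-constructed-not-a-real-key\n"
        "DB_PASSWORD=hunter2\n"
        "VAULT_TOKEN=${VAULT_TOKEN}\n")


def demo():
    """Build the constructed workstation in a temp dir and audit it."""
    home = Path(tempfile.mkdtemp())
    build_sample_home(home)
    return audit_home(home)


if __name__ == "__main__":
    for f in demo():
        print(f"{f['kind']:9} {f['provider']:7} {f['name']:15} {f['file']}")
```

On the constructed sample this reports four static secrets (the default AWS profile, the gh OAuth token, OPENAI_API_KEY and DB_PASSWORD) and one temporary STS profile; the SSO profile and the ${VAULT_TOKEN} reference are correctly left alone, which is the end state the rotation step aims for. Run it against a real home directory by calling audit_home on that path; anything it marks static belongs on the revoke-and-rotate list.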