CVE-2026-48558: A Perfect 10 in SimpleHelp Opens the Door for Djinn Stealer
An unsigned OIDC token is all it takes to become a fully authenticated technician on a SimpleHelp RMM server. Attackers are already using that shortcut to push a cross-platform infostealer built for the AI era.