'Djinn' Stealer Targets Cloud, AI Credentials
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp, targeting credentials linking development and admin environments to wider enterprise systems.
Jai Vijayan, Contributing Writer
June 29, 2026
4 Min Read
Vulnerabilities in remote monitoring and management (RMM) tools can give attackers a direct path into enterprise environments, often with the same trusted access that IT administrators rely on to remotely manage systems. A recent intrusion campaign shows how quickly attackers can leverage that access to deploy malware and establish a broad foothold across enterprise networks.
The attack began with the threat actor exploiting CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp, an RMM platform used by more than 6,000 organizations to manage millions of endpoint devices, eventually delivering a second-stage payload dubbed Djinn Stealer.
Turning an Initial Foothold Into Broad Access
Researchers at Blackpoint Cyber's Adversary Pursuit Group (APG) who investigated the incident observed the attacker exploiting the flaw on an Internet-facing SimpleHelp server and obtaining an authenticated technician session, giving them the same remote management capabilities as a legitimate IT administrator.
Once inside, the attackers mass deployed an obfuscated JavaScript loader that Blackpoint is tracking as TaskWeaver. The attackers disguised TaskWeaver as a benign file named jsquery.js and hosted it on temporary Cloudflare infrastructure. Blackpoint found the threat actor using the malware to fingerprint compromised systems, establish communications with a command-and-control (C2) server, and retrieve Djinn Stealer.
The malware, as Blackpoint noted in its blog, “is built to strip a developer’s machine of everything valuable in a single pass.” This includes cloud credentials, SSH keys, API keys, service account credentials, and other infrastructure secrets. Blackpoint observed the malware targeting credentials for package registries and build-tool ecosystems including npm, Yarn, NuGet, Composer, Maven, and PyPI. An attacker with such credentials could access private packages, publish malicious software, alter dependencies, and execute other supply chain attacks, the security vendor noted.
According to Blackpoint, Djinn Stealer is designed to collect and package stolen data on the endpoint, then encrypt it using AES-256-GCM before exfiltration, with the encryption key itself protected by RSA-2048.
Most notably, Blackpoint found Djinn Stealer equipped to search for credentials associated with AI development tools and agents, including local configuration files for services such as Claude, Gemini, Codex, Cline, OpenCode, and Kilo.
"Many of these tools rely on the Model Context Protocol (MCP) to connect an AI assistant to external tools and data on the developer's behalf, including source repositories, databases, cloud accounts, and internal APIs," according to Blackpoint's report. Such credentials could allow an attacker to access and manipulate data and cloud infrastructure with the same privileges as the developer or the AI agent itself.
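The paragraphs above list the credential stores the stealer harvests (package-registry tokens, SSH keys, cloud credentials, and AI/MCP tool configs). The following script is an added, defender-side example that is not Blackpoint's code and not the stealer's: it audits a developer home directory for the conventional plaintext locations of those secrets and reports which files hold inline credentials and which are readable by other users. The file paths are the well-known defaults for each tool (the MCP config path is a hypothetical placeholder, since each AI client uses its own), and the sample home directory it builds contains constructed, non-functional values.

```python
"""Audit a developer home directory for plaintext credential stores of the
kind the article says Djinn Stealer collects. Added example; assumes the
tools use their default file locations."""
import json
import os
import re
import tempfile
from pathlib import Path

# Conventional credential locations, relative to the home directory.
# Assumption: tools are configured at their defaults, not custom paths.
CREDENTIAL_STORES = {
    "npm":      [".npmrc"],
    "Yarn":     [".yarnrc", ".yarnrc.yml"],
    "PyPI":     [".pypirc"],
    "Maven":    [".m2/settings.xml"],
    "Composer": [".config/composer/auth.json", ".composer/auth.json"],
    "NuGet":    [".nuget/NuGet/NuGet.Config"],
    "SSH":      [".ssh/id_rsa", ".ssh/id_ed25519"],
    "AWS":      [".aws/credentials"],
    "MCP":      [".config/mcp/config.json"],  # hypothetical placeholder path
}

# Markers of an inline secret (as opposed to a keychain or env-var reference).
# Constructed for this example; extend per tool as needed.
SECRET_PATTERNS = [
    re.compile(r"_authToken\s*=\s*\S+"),                         # npm / Yarn classic
    re.compile(r"(?i)password\s*[=:]\s*\S+"),                     # ini-style (.pypirc)
    re.compile(r"<password>[^<]+</password>"),                   # Maven settings.xml
    re.compile(r'"(?:github-oauth|http-basic)"'),                # Composer auth.json
    re.compile(r'<add key="ClearTextPassword"'),                 # NuGet.Config
    re.compile(r"aws_secret_access_key\s*=\s*\S+"),              # AWS credentials
    re.compile(r"-----BEGIN (?:RSA |OPENSSH )?PRIVATE KEY-----"),  # SSH keys
    re.compile(r'"(?:api_key|apiKey|token)"\s*:\s*"[^"]+"'),     # JSON tool configs
]


def audit_home(home):
    """Return one finding per credential file present under `home`."""
    home = Path(home)
    findings = []
    for tool, rel_paths in CREDENTIAL_STORES.items():
        for rel in rel_paths:
            path = home / rel
            if not path.is_file():
                continue
            try:
                text = path.read_text(errors="replace")
            except OSError:
                continue  # unreadable by the auditing user: skip, do not escalate
            inline = any(pat.search(text) for pat in SECRET_PATTERNS)
            # Any group/other permission bit set means other local users can read it
            # (POSIX semantics; the bits are not meaningful on Windows).
            loose_perms = (path.stat().st_mode & 0o077) != 0
            findings.append({
                "tool": tool,
                "path": rel,
                "inline_secret": inline,
                "group_or_world_readable": loose_perms,
            })
    return findings


def build_sample_home():
    """Create a temporary home directory with constructed, fake credential files
    so the audit runs offline. None of these values are real secrets."""
    home = Path(tempfile.mkdtemp(prefix="cred-audit-"))
    samples = {
        ".npmrc": "//registry.npmjs.org/:_authToken=npm_EXAMPLE_TOKEN_NOT_REAL\n",
        ".pypirc": "[pypi]\nusername = __token__\npassword = pypi-EXAMPLE-NOT-REAL\n",
        ".m2/settings.xml": ("<settings><servers><server><id>repo</id>"
                             "<username>ci</username><password>EXAMPLE</password>"
                             "</server></servers></settings>\n"),
        ".aws/credentials": ("[default]\naws_access_key_id = EXAMPLEKEYID\n"
                             "aws_secret_access_key = EXAMPLEsecretNotReal\n"),
        ".yarnrc.yml": "npmRegistryServer: https://registry.example.internal\n",  # no token
        ".config/mcp/config.json": json.dumps(
            {"servers": {"db": {"token": "EXAMPLE-MCP-TOKEN"}}}),
    }
    for rel, body in samples.items():
        path = home / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(body)
    os.chmod(home / ".npmrc", 0o600)              # correctly locked down
    os.chmod(home / ".aws" / "credentials", 0o644)  # deliberately too permissive
    return home


if __name__ == "__main__":
    for f in audit_home(build_sample_home()):
        flags = [k for k in ("inline_secret", "group_or_world_readable") if f[k]]
        print(f"{f['tool']:9s} {f['path']:28s} {', '.join(flags) or 'ok'}")
```

Run it against a real account with `audit_home(Path.home())`; the output is an inventory of what a single-pass stealer on that machine would walk away with, which is the input a team needs to decide which tokens to move into a keychain or short-lived credential flow and which to rotate after an RMM compromise like the one described here.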
"As AI becomes embedded across development, administration, and business workflows, credentials associated with these platforms are becoming increasingly valuable to threat actors," notes Nevan Beal, principal MDR analyst at Blackpoint.
Djinn Stealer, he says, stands out not simply for how it targets AI-related data. It is notable also because its collection rules cover a broad and comparatively uncommon range of AI development tools alongside CI/CD credentials, package registry authentication, cloud configurations, source-control access, and traditional browser and wallet data. "This breadth suggests a deliberate focus on the identities and integrations that connect modern developers and administrators to the wider enterprise."
An Increasing Focus on Development & Admin Systems
For security teams, the intrusion campaign is a reminder of how attackers are increasingly focusing on trusted administrative and development infrastructure to amplify the impact of a single compromise. Another recent example is a breach at Danish pharmaceutical giant Novo Nordisk, where a threat actor used an initial foothold via a single GitHub access token to escalate privileges and steal 1.3TB of sensitive data.
The broader lesson for security teams is that modern intrusions increasingly target environments that provide downstream access, Beal points out.
"The compromise of a trusted RMM platform, combined with Djinn Stealer’s focus on portable credentials, reflects an operational strategy built around amplification," he says. By targeting administrative infrastructure, cloud access, development tooling, and software delivery systems, threat actors can turn one successful intrusion into access across customer tenants, production environments, and interconnected services, he notes.
Sam Decker, threat intelligence engineer at Blackpoint, says the company has not been able to attribute the intrusion to any specific threat actor at the moment. However, the architecture of TaskWeaver and Djinn Stealer reflects "a capable, deliberate operation focused on discovering and collecting high value secrets," he says. The threat actor leaned on typosquatted Microsoft infrastructure to blend in, with the initial C2 server masquerading as legitimate Microsoft Dev Tunnels and the exfiltration user agent crafted to look like normal Microsoft telemetry collection, Decker adds.
"Based on what we saw, this appeared to be opportunistic scanning for Internet-exposed, vulnerable SimpleHelp instances rather than going after specific targets," he says. "We didn't see any of our other customers impacted, but it's very possible that other exposed instances were hit by the same actor."
About the Author
Jai Vijayan
Contributing Writer
Illinois-based Jai Vijayan is a veteran, award-winning technology journalist with more than 25 years of experience covering cybersecurity. His information security reporting has explored everything from ransomware, nation-state threats, and identity security to AI risk, critical infrastructure protection, software supply chain security, cloud security and emerging enterprise technologies.
Over the course of his career, Jai has written news stories, feature articles, survey reports, white papers, and e-books for enterprise and technology audiences. He has also moderated panel discussions and executive roundtables featuring CISOs, security researchers, and industry leaders.
Jai previously served as senior editor at Computerworld, where he covered information security and data-privacy issues. His work has also appeared in CSO Online, InformationWeek, The Christian Science Monitor Passcode, The Economic Times, and other publications.
His work has earned multiple industry honors, including a Joint ASBPE Excellence Award for Best Coverage of Government IT, and a Joint Jesse H. Neal Award for wireless LAN security coverage. Jai holds a Master’s degree in statistics from Bangalore University, and studied broadcasting and electronic communication at Marquette University in Milwaukee.