Skip to content
Vulnerability intelligence

CVE-2026-48558

A new cross-platform infostealer deployed through a SimpleHelp authentication bypass explicitly targets AI development assistant tokens, cloud platform credentials, and package registry keys. The attack surface is not the code — it is the developer.

2026