Help Net Security ·EN-US News source
Week in review: SimpleHelp vulnerability exploited, Oracle EBS Payments flaw under attack
CVE Tools coverage
Attackers are actively exploiting CVE-2026-48558 in SimpleHelp RMM, using the authentication-bypass weakness to deploy the Djinn Stealer malware across Windows, macOS, and Linux systems. In parallel, threat intelligence reports exploitation attempts against CVE-2026-46817 affecting Oracle E-Business Suite Payments, with the Oracle Payments module targeted via weekend activity. These incidents matter because they show how quickly patched (or still-fresh) enterprise flaws can be weaponized, increasing the urgency of remediation and monitoring for both vendors.