Attackers exploited SimpleHelp CVE-2026-48558 to deliver TaskWeaver and Djinn Stealer, targeting credentials across cloud, code, AI, and wallet tools.