TLP:WHITE | 6 IOCs
SimpleHelp OIDC Bypass Lets Attackers Gain Technician Session and Deploy Malware
Malware Families
Diamond Model
Adversary
Infrastructure (3)
Capability (1)
Victim
5W+H Threat Analysis
Analysis unavailable
Indicators of Compromise
| Type | Indicator | Tags | Confidence | Score | First Seen |
|---|---|---|---|---|---|
| CVE | CVE-2026-48558 | exploit, intel-blog, malware | Medium | 54 | Jun 30, 26 |
| SHA256 | f4a72600a3735c2a4d843875ea61bbb6f935a1af51a81f2fbc992ce11ba94afc | file-hash, intel-blog, loader | Medium | 53 | Jun 30, 26 |
| Domain | trycloudflare.com | exfiltration, intel-blog, malware | High | 58 | Jun 30, 26 |
| Domain | a.dev-tunnels.com | exfiltration, indicator, intel-blog | Medium | 54 | Jun 29, 26 |
| SHA256 | 00cc86d1144020c24c8fbb3a8dc6b908926497ebd23be3bf854360f93d1c8f4c | file-hash, intel-blog, loader | Medium | 53 | Jun 30, 26 |
| IP | 96.126.130.126 | exfiltration, intel-blog, malware | High | 58 | Jun 30, 26 |