New 'Djinn' Malware Steals Login Credentials from Business Tools

A new malware called Djinn is targeting businesses by stealing usernames and passwords for cloud services and artificial intelligence tools. The malware gets in through a security flaw in software called SimpleHelp, which some companies use for remote computer support. Once inside, it specifically looks for credentials that connect to important business systems. This threat mainly affects people who use work computers or business accounts. If your employer uses SimpleHelp for tech support, or if you access company cloud services and AI development tools from your computer, your work credentials could be at risk. The stolen passwords could let hackers access broader company systems, potentially exposing customer data or business information.

What You Should Do Right Now:

1. If you use SimpleHelp at work, alert your IT department immediately about this vulnerability (reference CVE-2026-48558 (an industry tracking number for this software flaw)).
2. Change passwords for all work-related cloud services and AI tools you access.
3. Enable multi-factor authentication on every work account that offers it.
4. Never use your work passwords for personal accounts, and vice versa.
5. Watch for any unusual login attempts or password reset emails for your work accounts. Keep your work and personal digital lives separate. Use different passwords for work and home accounts. If you work from home or use personal devices for work, talk to your employer about security policies. Make sure any remote support software on your computer is kept updated. Strong password habits and multi-factor authentication remain your best defenses against credential theft.