June 30, 2026
Your IT Provider Patches Windows. Nobody Patches the Tool They Use to Reach You.
By S6 Tech
A fresh SimpleHelp flaw is letting attackers drop credential-stealers on every Windows, Mac, and Linux machine the affected IT vendors manage. Here is the one email that tells you whether you are already exposed.
Wednesday afternoon, 2:14 PM. The office manager at a twelve-person family law practice in Indianapolis was filing a motion in Clio.
She had been at the same desk all morning. She had not opened a strange email. She had not clicked a sponsored search result. She had not answered a phone call from anyone claiming to be IT.
Her computer was behaving normally. Chrome had her usual tabs open. The fans were quiet. Her IT contractor had set the machine up two years ago, and she had not heard from him in six weeks.
She finished the filing. She closed Clio. She locked her screen and went to lunch.
By the time she got back, a small executable had run for forty-one seconds, harvested every saved password in her Chrome profile, copied her authenticator cookies, and exited. Her firm's bank portal, Westlaw, the matter database, and the payroll service were now sitting in a folder on a server she had never heard of.
She had done nothing wrong.
What just happened
BleepingComputer reported this week that attackers are actively exploiting a critical flaw in SimpleHelp, a remote support tool used by managed service providers and internal IT teams to administer computers across many small businesses at once. The flaw is tracked as CVE-2026-48558. Exploitation started within days of the patch being released. The payload is a previously undocumented credential harvester called Djinn Stealer that runs on Windows, macOS, and Linux, paired with a second piece of malware called TaskWeaver.
The mechanic is worth understanding, because it does not look like the attacks you have been trained against.
Your IT provider probably uses one of about a dozen remote support products to manage your machines. SimpleHelp, ConnectWise ScreenConnect, TeamViewer, AnyDesk, Splashtop, RustDesk. The product runs as an always-listening service on every computer it manages. When the provider needs to fix something, the central server tells the agent on your machine to open a session. The provider sees your screen and types on your keyboard.
That central server is one box. It controls every endpoint at every client the provider has. When the server gets popped, the attacker inherits the provider's relationship with every one of those endpoints. From your computer's perspective, the malicious file arrived through the same channel your IT provider's legitimate fixes arrive through.
The forty-one-second window is the average dwell time of a modern infostealer. Djinn Stealer grabs browser passwords, session cookies, and authenticator state, then exits. Your endpoint protection (the software that watches your computers for malicious behavior) does not flag the activity because it came through a tool the protection already trusts.
The attack does not require your employees to click anything.
Why your IT provider didn't help
You hired an IT provider so you would not have to think about this. That trust was rational. It still is. The problem is what you never asked.
Rank the security questions a small business actually asks an IT provider, weakest to strongest.
- Do you have a HIPAA business associate agreement? This is the most common question. It is about contract liability, not technical exposure. The agreement does not require the provider to patch anything on time.
- Are my workstations getting Windows updates? Most providers will say yes. Windows updates are largely automatic. The question is a softball and the answer is usually true.
- Do you use MFA on the admin accounts you log into my systems with? Sharper question. Some providers say yes. Some say "we use a password manager." Few have written policies.
- What remote support tools are installed on my computers, what versions are they on, and when was the last time you patched each one? This is the question almost nobody asks. Most providers do not have a written answer ready. Some have to go check.
The last question decides whether you survive this week's exploit. Your provider's contract probably commits them to keeping your operating systems patched. It almost certainly does not specify a patching cadence for the support tools they install on your machines. Those tools sit outside the standard Windows update mechanism. They patch when the provider remembers to log into the vendor's portal and run the updater.
When SimpleHelp shipped version 5.5.8, providers who applied it inside 48 hours protected every client. Providers who waited a week left every client exposed.
You do not control which kind of provider you have. You only control whether you have asked the question in writing.
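The version and patch-age check the paragraphs above describe, as an added Python example that is not part of the article: it takes the kind of written inventory a provider might send back and flags anything below the 5.5.8 minimum or not patched recently. The reply format, hosts, versions and dates are constructed, and the 30-day staleness threshold is an assumption; only the 5.5.8 minimum comes from the article.

```python
"""Added example, not from the article: audit an IT provider's written reply about
remote-support tools (constructed data) against the page's minimum SimpleHelp version."""
import re
from datetime import date

MIN_VERSION = {"SimpleHelp": "5.5.8"}   # from the article; extend as vendors publish fixes
STALE_AFTER_DAYS = 30                   # assumed threshold for illustration, not from the article
REPORT_DATE = date(2026, 6, 30)         # the article's date, used as "today"

def parse_version(text):
    """'5.5.10' -> (5, 5, 10), so 5.5.10 sorts after 5.5.8 (plain string compare gets this wrong)."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))

def parse_reply(text):
    """One record per line: host,tool,version,last_patched (ISO date); blank lines ignored."""
    records = []
    for line in filter(str.strip, text.splitlines()):
        host, tool, version, patched = (f.strip() for f in line.split(","))
        records.append({"host": host, "tool": tool, "version": version,
                        "patched": date.fromisoformat(patched)})
    return records

def audit(records, today):
    """Return (host, tool, reason) findings; an empty list means nothing to chase."""
    findings = []
    for r in records:
        minimum = MIN_VERSION.get(r["tool"])
        if minimum and parse_version(r["version"]) < parse_version(minimum):
            findings.append((r["host"], r["tool"], f"version {r['version']} below {minimum}"))
        age = (today - r["patched"]).days
        if age > STALE_AFTER_DAYS:
            findings.append((r["host"], r["tool"], f"last patched {age} days ago"))
    return findings

# Constructed sample reply; hosts, versions and dates are made up for the example.
SAMPLE_REPLY = """
WS-RECEPTION,SimpleHelp,5.5.7,2026-05-12
WS-PARTNER1,SimpleHelp,5.5.10,2026-06-29
WS-PARALEGAL,AnyDesk,9.0.1,2026-06-20
"""

if __name__ == "__main__":
    for host, tool, reason in audit(parse_reply(SAMPLE_REPLY), REPORT_DATE):
        print(f"{host}: {tool}: {reason}")
```

Only WS-RECEPTION is flagged: its 5.5.7 is below the minimum and 49 days stale, while 5.5.10 on WS-PARTNER1 correctly passes the numeric comparison.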
What you can actually do this week
Three actions. All under a day. All under $1,000 combined.
- Send the patching-status email today. Cost: $0. Time: 5 minutes. Send your IT provider this exact message: "Please confirm in writing which remote support tools are installed in our environment, the current version of each one, and the date each was last patched. I need a reply by end of day tomorrow." Keep the reply on file. If the answer mentions SimpleHelp, the version must be 5.5.8 or later. If your provider cannot answer inside 24 hours, you have learned something important about their operational maturity.
- Audit the enterprise applications attached to your Microsoft 365 or Google Workspace tenant. Cost: $0. Time: 15 minutes. In Microsoft 365, open the Entra Admin Center, go to Enterprise applications, and sort by recent sign-in activity. In Google Workspace, open Admin Console, then Security, then API controls. Remove any remote-support integration you do not recognize. Attackers chain a tool compromise into an OAuth foothold for persistence, which survives a password reset and a machine wipe.
- Confirm tamper protection is on, and ask your provider to enable first-seen publisher alerting. Cost: $0 if you already have endpoint detection. Time: 20 minutes by email. Tamper protection stops a payload from disabling your endpoint sensor after it lands. First-seen publisher alerting flags binaries from software publishers your environment has never seen before. Both settings exist in every modern endpoint product. Both ship turned off in some of them. Your provider has the answer in a settings panel.
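One way to express the first-seen publisher rule from the third action, combined with the credential-store access the opening story describes, as an added Python example that is not the article's or any endpoint vendor's code. The agent image names, publishers, hosts and file paths are constructed for illustration; real agent binary names vary by product and version.

```python
"""Added example, not from the article: flag a binary from a never-before-seen publisher
that a remote-support agent launched, run over constructed process events."""
from dataclasses import dataclass, field
# Agent image names are assumptions for illustration; real names vary by product and version.
REMOTE_SUPPORT_AGENTS = {"simplehelp-remote-access", "screenconnect.clientservice"}
BROWSERS = {"chrome.exe", "msedge.exe"}
BROWSER_SECRET_FILES = ("Login Data", "Cookies")   # Chrome/Chromium saved-password and session stores

@dataclass
class ProcessEvent:
    host: str
    parent: str              # parent image name, lower-case
    image: str               # this process's image name
    publisher: str           # code-signing publisher, "" when unsigned
    files_read: tuple = field(default_factory=tuple)

def baseline_publishers(history):
    """First-seen reference: every signer already observed in this environment."""
    return {e.publisher for e in history if e.publisher}

def evaluate(event, baseline):
    """Return the reasons this event should alert; an empty list means no alert."""
    reasons = []
    if event.parent in REMOTE_SUPPORT_AGENTS and event.publisher not in baseline:
        reasons.append(f"{event.image} ({event.publisher or 'unsigned'}) launched via remote-support agent, publisher never seen before")
    if event.image not in BROWSERS and any(f.endswith(BROWSER_SECRET_FILES) for f in event.files_read):
        reasons.append(f"{event.image} read a browser credential store")
    return reasons

def triage(events, history):
    """Map host -> alert reasons for every event that trips a rule."""
    baseline = baseline_publishers(history)
    alerts = {}
    for e in events:
        reasons = evaluate(e, baseline)
        if reasons:
            alerts.setdefault(e.host, []).extend(reasons)
    return alerts

# Constructed history and today's events; hosts, image names and publishers are made up.
CHROME_PROFILE = "C:\\Users\\om\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\"
HISTORY = [
    ProcessEvent("WS-RECEPTION", "services.exe", "simplehelp-remote-access", "Example RMM Vendor"),
    ProcessEvent("WS-RECEPTION", "explorer.exe", "chrome.exe", "Example Browser Corp", (CHROME_PROFILE + "Login Data",)),
]
TODAY = [
    ProcessEvent("WS-RECEPTION", "simplehelp-remote-access", "updater.exe", "Example RMM Vendor"),
    ProcessEvent("WS-RECEPTION", "simplehelp-remote-access", "svc_helper.exe", "", (CHROME_PROFILE + "Cookies",)),
]
```

The signed updater from the known vendor passes, while the unsigned binary that arrived through the same agent and touched the Cookies store trips both rules.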
The harder truth
The Indianapolis family law office is not the only target. This week the newsletter counted 107 disclosed ransomware victims across 31 active threat actors, back to the top of a band that has held for ten of the last eleven weeks. Healthcare took 12 hits. Manufacturing took 11. Legal services took 8, posted by six different ransomware crews inside a 72-hour window.
Six crews posting law firms inside three days is not a coordinated campaign. It is the textbook signature of opportunistic targeting. Every small practice with privileged client data and a single part-time IT contractor is in the pool by default. The deciding variable is whether the contractor's remote support stack is patched.
SimpleHelp is the third major remote support tool exploited inside eighteen months. ConnectWise ScreenConnect was hit in 2024. AnyDesk was hit in early 2025. The pattern is set. Any software whose business purpose is to give one person full remote control of someone else's computer is now a category-A target. Patches will keep arriving in clusters.
The patching cadence on a tool you cannot see is now part of your security posture, whether you knew it or not.
If this was useful
I write S6 Ransomware Signal, a free weekly newsletter for small and mid-size businesses without a dedicated security team. Every Monday it covers the week's most important ransomware and extortion campaigns, what the victim counts actually say about who is being targeted, and the small set of fixes that change the math for businesses your size.
This week's full issue also covers:
- KrebsOnSecurity's public naming of the administrator behind The Gentlemen, the ransomware crew that has appeared in every issue since June 1, and the threat-intelligence firm that just confirmed AI is now writing and maintaining the group's malware
- DragonForce publishing 8.67 GB of patient data from a California cardiac imaging provider, and a Canadian clinic facing a $70,000 ransom over 307,000 patient records, inside a week where five different crews worked the healthcare sector at once
- A Settra leak post claiming 3.2 TB of export-controlled material from a major Korean industrial manufacturer, and why attacker-supplied data volumes are a single-source figure you should read with one eyebrow up
Subscribe here. It is free.
The criminals figured out that compromising the tool your IT provider uses is faster than compromising you directly. They are not wrong.