CISA Adds PTC Software Vulnerability to KEV Catalog; SimpleHelp RMM Exploited with Djinn Stealer Malware
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability (CVE-2026-12569) in PTC's Windchill and FlexPLM software to its Known Exploited Vulnerabilities (KEV) catalog. Separately, attackers are exploiting a recently patched authentication bypass vulnerability (CVE-2026-48558) in SimpleHelp RMM to deploy the novel Djinn Stealer malware, which targets credentials across various platforms including cloud, source control, and AI development assistants.
Context
CISA's KEV catalog serves as a resource for organizations to identify and mitigate known vulnerabilities that could be exploited by cyber attackers. PTC's Windchill and FlexPLM software are utilized in various industries for product lifecycle management, making their security critical. The Djinn Stealer malware is a new threat that targets a range of platforms, indicating evolving tactics among cybercriminals.
Why it matters
The addition of PTC's software vulnerability to the KEV catalog highlights the ongoing risks associated with widely used enterprise software. This action aims to prompt organizations to address the vulnerability to prevent potential exploitation. The exploitation of SimpleHelp RMM with Djinn Stealer malware raises concerns about the security of credentials and sensitive information across multiple platforms.
Implications
Businesses relying on PTC's software may face increased security risks if they do not address the vulnerability promptly. The exploitation of SimpleHelp RMM could lead to significant data breaches, affecting user credentials and sensitive information. The rise of sophisticated malware like Djinn Stealer may prompt organizations to reassess their cybersecurity strategies and defenses.
What to watch
Organizations using PTC's software should prioritize patching the identified vulnerability to mitigate risks. Monitoring for signs of Djinn Stealer malware in affected systems will be crucial for IT security teams. Future updates from CISA may provide additional guidance on emerging threats and vulnerabilities.
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.