A critical authentication bypass in SimpleHelp’s OIDC flow may have let attackers obtain technician access and deliver two malware families, turning a remote support tool into a high-risk entry point.