CISA: #BeyondTrust RCE flaw now exploited in #ransomware attacks
#BeyondTrust
DATE: February 20, 2026 at 05:05PM
SOURCE: HEALTHCARE INFO SECURITY
Direct article link at end of text block below.
#Hospitals at Risk of #BeyondTrust #Ransomware Hacks: Critical Vulnerability Could Give Attackers Foothold into Clinical Networks https://t.co/O9bujrU6lu @HealthISAC @HHSGov
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Une #vulnérabilité critique activement exploitée dans #BeyondTrust RS. Plusieurs sociétés de #sécurité ont lancé des alertes après l’exploitation rapide d’une #faille critique (...)
https://www.lemondeinformatique.fr/actualites/lire-une-vulnerabilite-critique-activement-exploitee-dans-beyondtrust-rs-99399.html
#CISA gives feds 3 days to patch actively exploited #BeyondTrust flaw
📢 Faille critique CVE-2026-1731 dans BeyondTrust exploitée pour prendre le contrôle d’Active Directory
📝 GBHackers Security rapporte qu’une campagne d’attaque exploite la vulnérabilité critique **CVE-2026-1...
📖 cyberveille : https://cyberveille.ch/posts/2026-02-16-faille-critique-cve-2026-1731-dans-beyondtrust-exploitee-pour-prendre-le-controle-dactive-directory/
🌐 source : https://gbhackers.com/attackers-exploit-critical-beyondtrust-flaw/
#BeyondTrust #CISA_KEV #Cyberveille
U.S. #CISA adds a flaw in #BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/187982/uncategorized/u-s-cisa-adds-a-flaw-in-beyondtrust-rs-and-pra-to-its-known-exploited-vulnerabilities-catalog.html
#securityaffairs #hacking
Attackers exploit #BeyondTrust CVE-2026-1731 within hours of PoC release
https://securityaffairs.com/187962/uncategorized/attackers-exploit-beyondtrust-cve-2026-1731-within-hours-of-poc-release.html
#securityaffairs #hacking
Critical #BeyondTrust RCE flaw now exploited in attacks, patch now
#BeyondTrust warns of critical RCE flaw in remote support software
#BeyondTrust fixes critical pre-auth bug allowing remote code execution
https://securityaffairs.com/187776/hacking/beyondtrust-fixes-critical-pre-auth-bug-allowing-remote-code-execution.html
#securityaffairs #hacking
CVE-2026-1731: Pre-Auth RCE in BeyondTrust Remote Support & PRA
#BeyondTrust #BeyondTrustSecureRemoteAccess #CVE_2026_1731
https://www.hacktron.ai/blog/cve-2026-1731-beyondtrust-remote-support-rce
🚨 CVE-2026-1731: CRITICAL RCE in BeyondTrust RS & PRA. Unauthenticated attackers can execute OS commands pre-auth. Restrict access, monitor logs, and prep for patching. CVSS 9.9 — act now! https://radar.offseq.com/threat/cve-2026-1731-cwe-78-improper-neutralization-of-sp-066ed5de #OffSeq #BeyondTrust #Vuln #InfoSec
Our latest interview with Morey J. Haber (Chief Security Advisor, BeyondTrust) explores identity technical debt, Zero Trust gaps, and why least privilege continues to fall short without continuous discovery.
Haber breaks down:
• Why overprivileged accounts remain the biggest lateral-movement risk
• How AI ecosystems expand attack paths
• Why Zero Trust often becomes piecemeal
• Why identity - not endpoints - is the new perimeter
• Essential control layers CISOs must revisit now
Follow for more detailed expert interviews.
#CyberSecurity #IdentitySecurity #ZeroTrust #AccessControl #BeyondTrust #MoreyHaber
BeyondTrust Windows flaw (CVE-2025-2297) allows local users to escalate to admin via registry manipulation.
🔧 Affects versions < 25.4.270.0
🚫 Disable "forever" challenge responses
✅ Upgrade immediately
Patch now to avoid compromise.
#CyberSecurity #BeyondTrust #Infosec
🎉 ¡Gracias a nuestro patrocinador #BeyondTrust nivel Support! 🙌
Su apoyo hace posible que este evento se haga realidad.
¡Estamos a unos días! ¿Están listos? 🚀
BeyondTrust has released software updates to address vulnerabilities in its Remote Support and Privileged Remote Access software
Vulnerability: Server-side template injection
Impact: Can allow attackers to execute arbitrary code, potentially without authentication
Vulnerability ID: CVE-2025-5309
Recommendation: Apply patches ASAP
BeyondTrust Remote Support: How template injection can lead to remote code execution
#BeyondTrust #BeyondTrustSecureRemoteAccess #CVE_2025_5309
https://www.resillion.com/latest-news/beyondtrust-remote-support-how-template-injection-can-lead-to-remote-code-execution/
BeyondTrust's platforms are under fire—a new flaw (CVE-2025-5309) lets attackers run code remotely without any credentials. Are your systems patched up? Discover what you need to know.
https://thedefendopsdiaries.com/beyondtrusts-critical-security-flaw-cve-2025-5309/
#beyondtrust
#cve20255309
#cybersecurity
#ssti
#remotecodeexecution
#BSI WID-SEC-2025-0940: [NEU] [mittel] #BeyondTrust #Privileged #Remote #Access: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Ein lokaler Angreifer kann eine Schwachstelle in BeyondTrust Privileged Remote Access ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0940
Experts discovered #PostgreSQL flaw chained with #BeyondTrust #zeroday in targeted Attacks
https://securityaffairs.com/174218/hacking/postgresql-flaw-chained-with-beyondtrust-zeroday.html
#securityaffairs #hacking
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst