Had a case this week of a fairly secure deployment of BeyondTrust, but vulnerable to CVE-2026-1731. With basically zero egress, I implemented a timing oracle POC instead. Takes about 20 minutes to get the ls command output in this demo, but hey, it works! :D

Threat actors are actively exploiting CVE-2026-1731 (9.9) in BeyondTrust Remote Support & PRA.

Attackers extract portal data, then open WebSocket channels to trigger unauthenticated RCE.

🔗 Read → https://thehackernews.com/2026/02/researchers-observe-in-wild.html

Patches are out, but exploitation started fast.

Here's a summary of the latest critical news in technology and cybersecurity:

State-backed hackers are reportedly leveraging Google's Gemini AI for reconnaissance and attack support. A critical BeyondTrust Remote Code Execution vulnerability (CVE-2026-1731) is being actively exploited in the wild. CISA has added four new exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog. In technology, Samsung commenced shipping of industry-first HBM4 memory for AI computing, and HKUST announced a major advance in calcium-ion battery technology.

#AnonNews_irc #Cybersecurity #Anonymous #News

Exploitation attempts target CVE-2026-1731, a critical unauthenticated remote code execution flaw in BeyondTrust Remote Support. https://www.securityweek.com/beyondtrust-vulnerability-targeted-by-hackers-within-24-hours-of-poc-release/

Threat actors are actively exploiting a critical BeyondTrust vulnerability (CVE-2026-1731) within 24 hours of a proof-of-concept (PoC) exploit being released. This flaw, affecting BeyondTrust Remote Support and Privileged Remote Access, allows for unauthenticated remote code execution and has seen exploitation attempts from multiple IP addresses, some previously involved in other vulnerability exploits.
https://www.securityweek.com/beyondtrust-vulnerability-targeted-by-hackers-within-24-hours-of-poc-release/

CVE-2026-20700 – Apple corrige sa première faille zero-day de 2026 : patchez ! https://www.it-connect.fr/cve-2026-20700-apple-corrige-sa-premiere-faille-zero-day-de-2026-patchez/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Apple

Here's a summary of recent global, technology, and cybersecurity news from the last 24 hours:

Globally, Canada mourned 10 lives lost in a mass shooting in British Columbia (February 12).

In technology, Samsung began mass production of HBM4 with ultimate performance for AI computing (February 12). Waymo also launched fully autonomous operations with its 6th-generation Driver (February 12).

For cybersecurity, Google reported state-backed hackers are using Gemini AI for reconnaissance and attack support (February 12). Apple patched an actively exploited zero-day vulnerability (CVE-2026-20700) affecting iOS, macOS, and other devices (February 12). Additionally, Palo Alto Networks reportedly chose not to publicly link a global cyberespionage campaign to China over fears of retaliation (February 13).

#News #Anonymous #AnonNews_irc

Global cybersecurity remains critical: Threat actors are actively exploiting Google's Gemini AI for varied attack stages, from reconnaissance to phishing. Apple has patched a critical zero-day vulnerability (CVE-2026-20700) exploited in sophisticated attacks. CISA updated its KEV Catalog with four new vulnerabilities, urging immediate remediation. Furthermore, the EU launched a new ICT Supply Chain Security Toolbox to enhance risk mitigation. (Feb 12-13, 2026)

#Cybersecurity #AnonNews_irc #News

CVE-2026-1603

I refuse to believe that is a vulnerability over a purposeful backdoor, fuckin' yank products.

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.

#cybersecurity #ivanti #vulnerabilitymanagement #vulnerability

Thanks @reverseics for the infographics and Ivanti for the continuous source of discoveries.

https://db.gcve.eu/vuln/CVE-2026-1603

Das BSI hat seinen IT-Sicherheitshinweis zu Ivanti EPMM aktualisiert:
https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2026/2026-221601-1032

Es liegen Hinweise vor, dass die Schwachstellen CVE-2026-1281 und CVE-2026-1340 bereits seit Mitte 2025 ausgenutzt wurden. ALLE Betreiber von Ivanti EPMMs sollten daher bei der Prüfung ihrer Systeme auf Kompromittierungen den Untersuchungszeitraum bis Juli 2025 zurück ausweiten. Es muss davon ausgegangen werden, dass die Anzahl kompromittierter Systeme deutlich höher ist als ursprünglich angenommen.

This build has a fix for CVE-2026-2441 (Use after free in CSS), which has a known exploit in the wild.

@secbox @vivaldiversiontracker

It might seem strange but this build has a fix for CVE-2026-2441 (Use after free in CSS), which has a known exploit in the wild. 🤷

@Vivaldi

Thursday: New Chrome release! It reverts one commit, a "trivial" performance optimization suspected of causing crashes.

https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_12.html

Friday: New Chrome release! A zero day! "CVE-2026-2441: Use after free in CSS."

https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html

Microsoft's #Notepad Got Pawned. The #vulnerability exploit #PoC code is public. Fork it while it's hot: https://github.com/BTtea/CVE-2026-20841-PoC

#cve2026_20841 #cyberSecurity

Windows Notepad RCE - CVE-2026-20841

A crafted Markdown link could trigger command execution via protocol handler abuse on Windows 11 Notepad.

https://forum.hashpwn.net/post/10031

#notepad #rce #cve202620841 #cybersecurity #news #hashpwn

🔐 CVE-2026-21643

📊 CVSS: 9.1 · Critical
📅 02/06/2026, 08:24 AM
🛡️ CWE: CWE-89
📦 Affected: Fortinet FortiClientEMS (7.4.4)
📚 https://fortiguard.fortinet.com/psirt/FG-IR-25-1142

🔗 https://hecate.pw/vulnerability/CVE-2026-21643

#cve #vulnerability #hecate

Vaultwarden – CVE-2026-26012 : cette faille expose vos mots de passe aux autres utilisateurs ! https://www.it-connect.fr/vaultwarden-cve-2026-26012-cette-faille-expose-vos-mots-de-passe-aux-autres-utilisateurs/ #ActuCybersécurité #Cybersécurité #Vulnérabilité

Das BSI hat seinen IT-Sicherheitshinweis zu Ivanti EPMM aktualisiert:
https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2026/2026-221601-1032

Es liegen Hinweise vor, dass die Schwachstellen CVE-2026-1281 und CVE-2026-1340 bereits seit Mitte 2025 ausgenutzt wurden. ALLE Betreiber von Ivanti EPMMs sollten daher bei der Prüfung ihrer Systeme auf Kompromittierungen den Untersuchungszeitraum bis Juli 2025 zurück ausweiten. Es muss davon ausgegangen werden, dass die Anzahl kompromittierter Systeme deutlich höher ist als ursprünglich angenommen.

@selea 👀 https://github.com/skelsec/CVE-2017-12542/blob/master/exploit_1.py