GLOBAL SITUATIONMONITORING

482 published briefsUTCFri, Apr 3 22:28:48

Intelligence Tag

BeyondTrust

Vendor behind remote support software at centre of exploitation

1 intelligence brief← Intelligence Hub

Critical BeyondTrust Remote Support flaw abused by ransomware gangs

BeyondTrust Remote Support vulnerability CVE-2026-1731 is under active exploitation by ransomware operators, CISA confirms. The flaw allows pre-auth command execution and has been used to stage web shells and exfiltrate data.

Peter Chofield

Feb 21, 2026

2–3 minutes