CISA gives feds 3 days to patch actively exploited BeyondTrust flaw

CISA ordered U.S. government agencies on Friday to secure their BeyondTrust Remote Support instances against an actively ...
The Hacker News

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

BeyondTrust fixes CVSS 9.9 pre-auth RCE flaw (CVE-2026-1731) in Remote Support and PRA; 11,000 instances exposed.
SecurityWeek

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

CISA warns of a new SmarterTools SmarterMail vulnerability exploited by ransomware groups for unauthenticated RCE.

Modern PDF platforms are becoming high-risk attack surfaces

Modern PDF platforms can now function as full attack gateways rather than passive document viewers.

BeyondTrust RCE flaw lets hackers run code without logging in

A 9.9/10 bug was found in multiple BeyondTrust products, but a patch is already available.

BeyondTrust warns of critical RCE flaw in remote support software

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary ...

Critical flaw in BeyondTrust Remote Support sees early signs of exploitation

The vulnerability is a variant of a CVE linked to the 2024 hack of the U.S. Treasury Department, according to researchers.
SecurityWeek

Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration

Vulnerabilities in PDF platforms from Foxit and Apryse could have been exploited for account takeover, data exfiltration, and other attacks.

Critical React Native Metro dev server bug under attack as researchers scream into the void

Too slow react-ion time Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware ...
Futurism on MSN

Microsoft Added AI to Notepad and It Created a Security Failure Because the AI Was Stupidly Easy for Hackers to Trick

"Microsoft is turning Notepad into a slow, feature-heavy mess we don't need." The post Microsoft Added AI to Notepad and It ...
Security Boulevard

CVE-2026-1281 & CVE-2026-1340: Actively Exploited Pre-Authentication RCE in Ivanti EPMM

Learn how CVE-2026-1281 and CVE-2026-1340 enable pre-auth RCE in Ivanti EPMM, now actively exploited, and how AppTrana helps block attacks across applications. The post CVE-2026-1281 & CVE-2026-1340: ...