SecurityWeek

BeyondTrust Patches Critical RCE Vulnerability

BeyondTrust has patched a critical RS and PRA vulnerability leading to unauthenticated remote code execution (RCE) via ...

Critical n8n Security Update: Public RCE Vulnerability PoC Now Available

SecureLayer7 Blackf0g researcher team A critical RCE vulnerability in n8n has been identified and patched. n8n’s AI ...

One threat actor responsible for 83% of recent Ivanti RCE attacks

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two ...
Infosecurity Magazine

New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix

Security researchers from LayerX identified a new flaw in 50 Claude Desktop Extensions that could lead to unauthorized remote code execution ...
The Hacker News

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

BeyondTrust fixes CVSS 9.9 pre-auth RCE flaw (CVE-2026-1731) in Remote Support and PRA; 11,000 instances exposed.

Critical BeyondTrust RCE flaw now exploited in attacks, patch now

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access ...

BeyondTrust RCE flaw lets hackers run code without logging in

A 9.9/10 bug was found in multiple BeyondTrust products, but a patch is already available.
The Hacker News

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Microsoft links SolarWinds WHD exploits to RCE, lateral movement, and domain compromise in multi-stage attacks.
Computer Weekly

Researchers delve inside new SolarWinds RCE attack chain

Researchers at Huntress and Microsoft have shared findings from their analysis of a new SolarWinds Web Help Desk vulnerability.
Dark Reading

Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil

Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.