Critical BeyondTrust RCE flaw now exploited in attacks, patch now

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access ...
SecurityWeek

BeyondTrust Patches Critical RCE Vulnerability

BeyondTrust has patched a critical RS and PRA vulnerability leading to unauthenticated remote code execution (RCE) via ...

WordPress plugin with 900k installs vulnerable to critical RCE flaw

A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can ...

BeyondTrust RCE flaw lets hackers run code without logging in

A 9.9/10 bug was found in multiple BeyondTrust products, but a patch is already available.
Infosecurity Magazine

New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix

Security researchers from LayerX identified a new flaw in 50 Claude Desktop Extensions that could lead to unauthorized remote ...
CSO Online

BeyondTrust fixes critical RCE flaw in remote access tools

Enterprises are urged to patch self-hosted versions of both Remote Support and Privileged Remote Access due to a 9.9-severity ...

Nearly a million WordPress websites could be at risk from this serious plugin security flaw

WPvivid Backup & Migration plugin allows for arbitrary file upload which can lead to remote code execution.
CSO Online

Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges

Anthropic didn’t dispute the security report, but suggested it would only be caused by user error, where users deliberately ...
The Hacker News

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

BeyondTrust fixes CVSS 9.9 pre-auth RCE flaw (CVE-2026-1731) in Remote Support and PRA; 11,000 instances exposed.
The Hacker News

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Microsoft links SolarWinds WHD exploits to RCE, lateral movement, and domain compromise in multi-stage attacks.
Computer Weekly

Researchers delve inside new SolarWinds RCE attack chain

Researchers at Huntress and Microsoft have shared findings from their analysis of a new SolarWinds Web Help Desk vulnerability.