BeyondTrust RCE flaw enables code execution without login

Kiswahili

A critical remote code execution vulnerability has been discovered in multiple BeyondTrust products. The flaw, rated 9.9 out of 10 in severity, allows hackers to run code on affected systems without needing to log in. The issue was reported on February 10, 2026.

Security researchers have identified a high-severity remote code execution (RCE) flaw in several products from BeyondTrust, a cybersecurity firm. According to TechRadar, this vulnerability permits unauthorized users to execute arbitrary code on vulnerable systems without authentication, posing significant risks to organizations relying on BeyondTrust's software for privileged access management.

The bug receives a CVSS score of 9.9 out of 10, indicating its critical nature due to potential for widespread exploitation. It affects multiple BeyondTrust offerings, though specific products were not detailed in the initial report. BeyondTrust has not yet issued a public response in the available information.

This discovery underscores ongoing challenges in securing enterprise software against sophisticated attacks. Organizations using BeyondTrust products are advised to monitor for patches, as no timeline for fixes was provided in the report published on February 10, 2026.

Makala yanayohusiana

Dramatic illustration of a darknet leak of Swedish government IT data by hackers, showing computer screens with source code, passwords, and personal files.
Picha iliyoundwa na AI

Swedish government IT data leaked on darknet

Imeripotiwa na AI Picha iliyoundwa na AI

A hacker group called ByteToBreach has leaked sensitive information from a government IT system on the darknet. The leak includes source code, passwords, and personal data from a platform managed by IT consultant CGI Sweden. Authorities like Cert-SE confirm they are aware of the reports but decline to comment.

Veeam patches three critical security flaws in backup servers

Veeam has addressed three critical-severity security vulnerabilities that could expose backup servers to remote code execution attacks. The company issued patches to mitigate these risks. The announcement highlights ongoing concerns in cybersecurity for data protection tools.

Zyxel warns of critical RCE flaw in over a dozen routers

Imeripotiwa na AI

Zyxel has issued a warning about a critical remote code execution (RCE) security flaw that could affect more than a dozen of its routers. The company has addressed a handful of concerning vulnerabilities in its devices. This update comes as part of ongoing efforts to secure networking equipment.

Teknolojia

Google report warns of shifting cloud threat landscape

Teknolojia

WordPress plugin Ally carries SQL injection flaw risking 250,000 sites

Teknolojia

More than 40,000 WordPress sites affected by malware flaw

Three high-risk AI vulnerabilities discovered in Claude.ai

Researchers have identified three high-risk vulnerabilities in Claude.ai. These enable an end-to-end attack chain that exfiltrates sensitive information without the user's knowledge. A legitimate Google ad could trigger data exfiltration.

Microsoft Excel security flaw enables data theft with Copilot

Imeripotiwa na AI

A security vulnerability in Microsoft Excel combines spreadsheets and the Copilot Agent to potentially steal data, according to TechRadar. The flaw is described as fascinating in its approach. The report was published on March 11, 2026.

Jumatano, 22. Mwezi wa nne 2026, 09:46:30

Microsoft patches critical ASP.NET Core vulnerability on macOS and Linux

Ijumaa, 3. Mwezi wa nne 2026, 10:14:58

OpenClaw patches severe vulnerability granting admin access

Jumatatu, 23. Mwezi wa tatu 2026, 09:31:59

Researchers uncover leaked API keys on nearly 10,000 websites

Jumatano, 18. Mwezi wa pili 2026, 11:16:48

Dell zero-day flaw unpatched for nearly two years

Alhamisi, 5. Mwezi wa pili 2026, 15:05:32

Critical flaws discovered in n8n workflow tool

Jumatano, 4. Mwezi wa pili 2026, 19:25:39

Russian hackers exploit Microsoft Office vulnerability days after patch

Tovuti hii inatumia vidakuzi

Tunatumia vidakuzi kwa uchambuzi ili kuboresha tovuti yetu. Soma sera ya faragha yetu kwa maelezo zaidi.
Kataa