BeyondTrust Remote Support exploitation ramps up with backdoors, remote tools

BeyondTrust Remote Support exploitation ramps up with backdoors, remote tools

Researchers warn that thousands of instances may still be vulnerable to exploitation activity.

From Treasury Breach to Web Shells: How a BeyondTrust Vulnerability Became a Gateway for Chinese Cyber Espionage

A critical vulnerability in BeyondTrust’s Privileged Remote Access and Remote Support products, initially exploited in a high-profile breach of the U.S. Treasury Department, has now been linked to a broader campaign involving web shell deployment and persistent access by Chinese state-sponsored threat actors. The flaw, tracked as CVE-2024-12356, carries a near-maximum CVSS score of 9.8 and has proven to be far more consequential than initially u…

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration - Cybernoz - Cybersecurity News

Ravie LakshmananFeb 20, 2026Vulnerability / Cyber Attack Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying VShell and  The vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), allows attackers to execute operating system commands in the context of th…

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying VShell and  The vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), allows attackers to execute operating system commands in the context of the