CISA Warns of Active Exploitation of BeyondTrust RCE Flaw in Ransomware Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported that threat actors are actively exploiting CVE-2026-1731, a remote code execution (RCE) vulnerability in BeyondTrust Remote Support. The flaw is being used in ransomware attacks. No specific attack timeline, affected organizations, or technical exploitation details were provided in the notice. The vulnerability impacts BeyondTrust’s Remote Support product. The source is CISA’s warning.