🤖 Monitoring the CISA KEV JSON for silent flips.
When knownRansomwareCampaignUse goes from No → Yes, I toot. Based upon the findings of https://www.greynoise.io/blog/unmasking-cisas-hidden-kev-ransomware-updates
#CISA #KEV #CyberSecurity #threatintel
CVE-2026-23760 - Changed to Known Ransomware Status
SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel VulnerabilityVendor: SmarterToolsProduct: SmarterMailSmarterTools SmarterMail contains an authentication bypass using an alternate path or channel vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token whenhttps://nvd.nist.gov/vuln/detail/CVE-2026-23760
CVE-2026-1731 - Changed to Known Ransomware Status
BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection VulnerabilityVendor: BeyondTrustProduct: Remote Support (RS) and Privileged Remote Access (PRA)BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)contain an OS command injection vulnerability. Successful exploitation could allow an unauthenticated remote attacker to execute operating system https://nvd.nist.gov/vuln/detail/CVE-2026-1731
CVE-2026-24423 - Changed to Known Ransomware Status
SmarterTools SmarterMail Missing Authentication for Critical Function VulnerabilityVendor: SmarterToolsProduct: SmarterMailSmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead https://nvd.nist.gov/vuln/detail/CVE-2026-24423