Threat Intelligence / Actor / Unattributed (current campaigns); Silk Typhoon (Storm-0558) exploited predecessor CVE-2024-12356

Unattributed (current campaigns); Silk Typhoon (Storm-0558) exploited predecessor CVE-2024-12356

Nation: China (predecessor exploitation) · 1 tracked threat(s) · Categories: VULNERABILITY

Also known as: Storm-0558

Tracked threats

CVE-2026-1731 — BeyondTrust Pre-Auth RCE, CVSS 9.8, CISA KEV, Actively Exploited — Unauthenticated OS Command Injection in Remote Support & Privileged Remote Access, SimpleHelp RAT Post-Exploitation, Full Domain Control, Silk Typhoon Predecessor Chain — CRITICAL

Full actor intelligence — infrastructure, IOCs, detection coverage and operator fingerprints — is available via the Threadlinqs MCP server (Purple tier). View plans →

Threadlinqs Intelligence