State Hackers Hit 37 Countries, BeyondTrust CVSS 9.9 RCE, Signal Hijacked & More | HN Ep. 61

A newly uncovered state-backed espionage group has compromised 70 organizations across 37 countries in a single year — and they were scanning infrastructure in 155 more. In this episode of Hacking News, we break down Palo Alto Unit 42's Shadow Campaigns investigation, a CVSS 9.9 pre-authentication RCE in BeyondTrust's remote access tools, a state-sponsored Signal phishing campaign targeting European politicians and military officials without using a single line of malware, CISA's aggressive new directive ordering federal agencies to rip out end-of-life edge devices, and an Everest ransomware claim against Iron Mountain that turned out to be far less than advertised.

Whether you're a cybersecurity professional, IT admin, or just someone who wants to stay informed about the threats facing our digital world — this episode has critical takeaways you can act on today.

🔒 Key Topics Covered:
• TGR-STA-1030 "Shadow Campaigns" — state-backed espionage across 37 countries
• BeyondTrust CVE-2026-1731 — CVSS 9.9 pre-auth RCE in remote access tools
• Signal Phishing Campaign — German BfV/BSI advisory on account hijacking
• CISA BOD 26-02 — Binding directive to eliminate end-of-support edge devices
• Iron Mountain / Everest Ransomware — 1.4TB breach claims vs. reality

⏱️ Timestamps:
0:00 — Cold Open: One group, 37 countries breached
1:10 — Forge OS Intro
1:14 — Welcome & CTA
1:38 — Shadow Campaigns: State-Backed Espionage at Unprecedented Scale
7:04 — BeyondTrust CVE-2026-1731: CVSS 9.9 Pre-Auth RCE
11:07 — Signal Phishing: Hijacking Accounts Without Malware
14:10 — CISA BOD 26-02: Rip Out Your End-of-Life Edge Devices
16:55 — Iron Mountain vs. Everest Ransomware: Claims vs. Reality
19:38 — Recap & Key Takeaways
21:40 — Outro

📌 Resources & Sources:
• Unit 42 Shadow Campaigns Report: https://unit42.paloaltonetworks.com/shadow-campaigns-uncovering-global-espionage/
• BeyondTrust Security Advisory BT26-02: https://www.beyondtrust.com/trust-center/security-advisories/bt26-02
• German BfV/BSI Signal Phishing Advisory: https://thehackernews.com/2026/02/german-agencies-warn-of-signal-phishing.html
• CISA BOD 26-02 Directive: https://www.cisa.gov/news-events/directives/bod-26-02-mitigating-risk-end-support-edge-devices
• Iron Mountain / Everest Coverage: https://cybernews.com/security/iron-mountain-data-breach-claims/

🎧 Listen on Spotify & Apple Podcasts — search "Exploit Brokers by Forgebound Research" and hit follow!

💬 Found this valuable? Share it with a coworker or friend who touches a computer.

—
Exploit Brokers by Forgebound Research
Host: Cipherceval
"Learn more about the threats we face and gain a bit more knowledge than yesterday."