The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies on Friday to secure their BeyondTrust Remote Support instances against an actively exploited vulnerability within three days.

BeyondTrust provides identity security services to more than 20,000 customers across over 100 countries, including government agencies and 75% of Fortune 100 companies worldwide.

Tracked as CVE-2026-1731, this remote code execution vulnerability stems from an OS command injection weakness and affects BeyondTrust’s Remote Support 25.3.1 or earlier and Privileged Remote Access 24.3.4 or earlier.

While BeyondTrust patched all Remote Support and Privileged Remote Access SaaS instances on February 2, 2026, on-premise customers must install patches manually.

“Successful exploitation could allow an unauthenticated remote attacker to execute operating system commands in the context of the site user,” BeyondTrust said when it patched the vulnerability on February 6. “Successful exploitation requires no authentication or user interaction and may lead to system compromise, including unauthorized access, data exfiltration, and service disruption.”

Hacktron, who discovered the vulnerability and responsibly disclosed it to BeyondTrust on January 31, warned that approximately 11,000 BeyondTrust Remote Support instances were exposed online, around 8,500 of them being on-premises deployments.

On Thursday, six days after BeyondTrust released CVE-2026-1731 security patches, watchTowr head of threat intelligence Ryan Dewhurst reported that attackers are now actively exploiting the security flaw, warning admins that unpatched devices should be assumed to be compromised.

Federal agencies ordered to patch immediately

One day later, CISA confirmed Dewhurst’s report, added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, and ordered Federal Civilian Executive Branch (FCEB) agencies to secure their BeyondTrust instances by the end of Monday, February 16, as mandated by Binding Operational Directive (BOD) 22-01.

“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” the U.S. cybersecurity agency warned. “Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.”

CISA’s warning comes on the heels of other BeyondTrust security flaws that were exploited to compromise the systems of U.S. government agencies.

For instance, the U.S. Treasury Department revealed two years ago that its network had been hacked in an incident linked to the Silk Typhoon,  a notorious Chinese state-backed cyberespionage group.

Silk Typhoon is believed to have exploited two zero-day bugs (CVE-2024-12356 and CVE-2024-12686) to breach BeyondTrust’s systems and later used a stolen API key to compromise 17 Remote Support SaaS instances, including the Treasury’s instance.

The Chinese hacking group has also targeted the Office of Foreign Assets Control (OFAC), which administers U.S. sanctions programs, and the Committee on Foreign Investment in the United States (CFIUS), which reviews foreign investments for national security risks.

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Get the guide

Rode is rolling out a firmware update for its Wireless Pro and Wireless Go (third-gen) microphones to add a feature called Direct Connect, which was already available for the Wireless Micro. This allows the mics to pair with iPhones and iPads via Bluetooth without the need for a receiver. All you’ll need is the Rode Capture app.

Rode said it’s able to offer Direct Connect for Wireless Pro and Wireless Go without compromising “the broadcast-quality audio both wireless systems are known for.” The feature still supports the option to record from two transmitters in either merged (whereby the audio blends into a single stereo track) or split (which keeps the recordings on separate channels to allow for more options in post-production) modes.

Not having to worry about setting up a physical receiver to link these mics to iOS devices could help streamline things quite a bit for creators. And I can always get behind companies adding handy features to existing products without pushing customers to buy new models. That’s good for the environment, your wallet — assuming you already have one of these mics — and probably the company’s reputation. An all-around positive update.

Good grief… I’m still not over how emotional and tender last week’s episode of The Pitt season 2 was.

We saw loveable patient Louie (Ernest Harden Jr) die after a pulmonary embolism, shocking Langdon (Patrick Ball) to the core. Elsewhere, Santos (Isa Briones) struggles without having an interpreter for her deaf patient, reflecting selfishly instead of externally.

Prebuilt gaming desktops usually make you pay extra for the convenience. This one is interesting because the discount lines up with what the market is doing right now. The Alienware Aurora ACT1250 is $2,399.99 for a limited time, down from $2,999.99 (20% off).

The key reason this deal pops is the GPU. Even though NVIDIA lists the RTX 5080 as starting at $999, real-world pricing has been running far higher due to availability and demand.

What you’re getting

This configuration is built like a “no compromises” core setup for high-end 2026 gaming and creator workloads:

• Intel Core Ultra 9 285 processor
• Liquid cooling
• NVIDIA GeForce RTX 5080
• 32GB DDR5 RAM
• 1TB SSD
• 1000W Platinum-rated power supply
• Windows 11 Home

Those parts matter because they keep the machine balanced. You’re not just buying a big GPU and then living with tiny storage or borderline memory.

Why it’s worth it

Here’s the straight and narrow on the RTX 5080: it’s reasonable to say the card alone is hovering around the $1,400–$1,500 range in many listings right now. Newegg search results commonly show RTX 5080 cards around $1,499 (with “more options” spanning higher), and tracking sites are also showing $1,499 as a current Amazon price point.

So when a full, liquid-cooled prebuilt with a 1000W Platinum PSU and 32GB DDR5 lands at $2,399.99, the value becomes less about “is Alienware worth it” and more about “how much hassle am I avoiding.” You skip the parts hunt, compatibility checks, the build time, and the risk of catching the GPU market on a bad week. And since GPU prices have been volatile again recently, locking in a full system price can be the better move.

The bottom line

At $2,399.99, this Alienware Aurora deal makes sense for anyone who wants an RTX 5080-class desktop now and doesn’t want to play the waiting game with GPU inventory and pricing. If you were planning to build a similar rig and the RTX 5080 is already eating $1,400–$1,500 of the budget, this prebuilt starts looking like the more efficient path.

Sweden’s Lassie, the ‘prevention-first’ pet insurer, has raised $75m in Series C funding to support its mission to become a leader in Europe’s pet care and insurance market.

It is one of the largest insurtech funding rounds in Europe in recent years and includes participation from Balderton Capital, Felix Capital, Inventure, Passion Capital and Stena Sessan.

The Lassie model works on the premise that insurance should be combined with proactive pet care to keep animals healthy and happy for longer. Its localised insurance products are delivered through a daily-use app that “educates, motivates and rewards pet parents for preventive care, using AI to remove friction from every part of the experience”.

“Pet parents don’t just want reimbursements – they want help keeping their pets healthy,” said Hedda Båverud Olsson, CEO and co-founder of Lassie, which currently operates in Sweden, Germany and France, insuring more than 250,000 pets.

“This round enables us to accelerate our growth and expand our prevention-first offering to even more pet parents. We’ve shown we can build outstanding insurance products and then scale them market by market. The key is deep localisation paired with a unique pricing model that combines real-time data with a preventive approach, and we’re excited to repeat this across more European markets.”

“Balderton are excited to invest again in Lassie as they create the leading pet care ecosystem across Europe,” said Rob Moffat, partner at Balderton.

“Lassie’s best-in-class user engagement enables them to expand from insurance into preventive care and, over time, all aspects of looking after your pet. Their world-leading use of AI automation has allowed them to scale successfully across Germany, Sweden and France with a very lean team.”

Powered by agentic AI, Lassie said its platform now processes 60pc of claims in Germany end to end in around six minutes. Customers simply upload a photo of their vet bill and receive near-instant payouts for straightforward treatments. Founders Olsson, Sophie Wilkinson and Johan Jönsson bring together a background in insurance and engineering-led automation. Now the start-up is planning to expand into other European countries.

The start-up is also focusing on building partnerships and already has collaborations with Lidl, offering pet insurance through its Lidl Plus rewards programme, and Tractive, enabling activity-based rewards and discounts through GPS pet tracking.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

With more and more sensors being crammed into the consumer devices that many of us wear every day, the question of where medical devices begin and end, and how they should be regulated become ever more pertinent. When a ‘watch’ no longer just shows the time, but can keep track of a dozen vital measurements, and the line between ‘earbud’ and ‘hearing aid’ is a rather fuzzy one, this necessitates that institutions like the US FDA update their medical device rules, as was done recently in its 2026 update.

This determines how exactly these devices are regulated, and in how far their data can be used for medical purposes. An important clarification made in the 2026 update is the distinction between ‘medical information’ and ‘signals/patterns’. Meaning that while a non-calibrated fitness tracker or smart watch does not provide medically valid information, it can be used to detect patterns and events that warrant a closer look, such as indications of arrhythmia or low blood oxygen saturation.

As detailed in the IEEE Spectrum article, these consumer devices are thus  ‘general wellness’ devices, and should be marketed as such, without embellished claims. Least of all should they be sold as devices that can provide medical information.

Another major aspect with these general wellness devices is what happens to the data that they generate. While not medical information, it does provide health information about a person that e.g. a marketing company would kill for to obtain. This privacy issue is unresolved in the US market, while other countries prescribe strict requirements about such data handling.

Effectively, this leaves the designers of wearables relatively free to do whatever they want, as long as they do not claim that the medical data being produced from any sensors is medical information. How this data is being handled is strictly regulated in most markets, except for the US, which is quite worrying and something you should definitely be aware of.

As for other medical device purposes like hearing aids, the earbuds capable of this fortunately do not generally collect information. They do need to have local regulatory approval to enable the feature, however, even if you can bypass any geofencing with some creative hacking.

Apple continues to double down on its Formula 1 programming, following up on the box office success of its blockbuster movie by adding a dedicated channel for the racing league to the Apple TV app. This section of the streaming service hints at some of what may be coming when the F1 season begins with the kickoff event in Australia next month. The F1 channel has placeholders for practices, qualifying and the grand prix as well as a weekend warm-up show.

Although it announced the five-year deal to host F1 broadcasts in the US back in October, we still haven’t heard many specifics on how Apple’s presentation of the race events will work. The channel has a section labeled “Event Schedule: Sky Sports,” which suggests that Apple will show the commentary from Sky rather than providing its own hosts; ESPN took that approach during its tenure with the F1 broadcast rights. In addition to the forward-looking streams, Apple TV also has some videos with highlights from the 2025 season and a recap of the rule changes for 2026.

If you’re looking to follow Formula 1 in the 2026 season, some races will be available to watch for free. However, a F1 TV Premium streaming package is now part of an Apple TV subscription, so that’s likely to be the preferred ticket for serious fans. F1TV grants access to all the zooming around you could want as well as to behind-the-scenes content like driver cams and live team radios.

‘ByteDance’s virtual smash-and-grab of Disney’s IP is wilful, pervasive and totally unacceptable,’ Disney’s cease and desist letter read.

TikTok’s Chinese parent ByteDance has promised to “strengthen current safeguards” against intellectual property theft after Disney threatened legal action over videos generated by the company’s latest AI video generator Seedance 2.0.

In a cease and desist letter, Disney claimed that Seedance 2.0 has a “pirated library” of Disney assets from its biggest franchises. The company accused ByteDance of using its proprietary content assets as if they were in the public domain.

“ByteDance’s virtual smash-and-grab of Disney’s IP is wilful, pervasive and totally unacceptable,” the letter read. “We believe this is just the tip of the iceberg – which is shocking considering Seedance has only been available for a few days.” The document was first seen and reported on by Axios.

Seedance 2.0 garnered immediate praise following its launch earlier this month. Swiss-based consultancy CTOL called it the “most advanced AI video generation model available”, placing it above OpenAI’s Sora 2 and Google’s Veo 3.1 in practical testing. The successful launched sparked growth in the Shanghai Shenzhen CSI 300 Index.

Responding to Disney’s criticism, ByteDance told media publications that it “respects intellectual property rights”.

It added: “We are taking steps to strengthen current safeguards as we work to prevent the unauthorised use of intellectual property and likeness by users.” The company, however, did not specify details of the safeguards it plans to implement.

Others were quick to share their displeasure as well. The Motion Picture Association (MPA), which represents major US studios including Warner Bros Discovery and Paramount, demanded that Seedance 2.0 “immediately cease its infringing activity”.

“By launching a service that operates without meaningful safeguards against infringement, ByteDance is disregarding well-established copyright law”, the MPA said in a strongly worded statement.

Meanwhile, US actors’ union SAG-AFTRA said that Seedance 2.0 has infringed on its members’ voices and likenesses. “Seedance 2.0 disregards law, ethics, industry standards and basic principles of consent,” it added.

The Japanese government launched an investigation into ByteDance over the weekend over potential copyright law violations after users generated videos of the country’s prime minister Sanae Takaichi, and characters from popular anime and manga series ‘Detective Conan’ and ‘Ultraman’, without consent.

Disney is known to be protective of its intellectual property that spans many successful franchises created over decades. The company sent a similar cease and desist letter to Google last December, alleging that the tech giant infringed on its copyrights. The move prompted Google to restrict Gemini and AI image creator Nano Banana from generating Disney-copyrighted content.

Disney’s attempt to stop Google came around the time the company announced a licensing deal with OpenAI’s Sora and ChatGPT – after initially opting out from allowing the company to use its content.

The three-year licensing deal would see users gaining access to more than 200 copyrighted characters, plus  costumes, props, vehicles and environments, but no talent likenesses or voices.

Last June, Disney and Universal sued Midjourney, accusing the AI company of being the “quintessential copyright free-rider and a bottomless pit of plagiarism”. The case is ongoing.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.