Latest Internet & Cybersecurity News

📅 February 13, 2026 at 1:00 AM
February 2026 cybersecurity landscape features massive vendor patches including zero-days, rising AI-driven threats, nation-state cyber coercion, ransomware surges, and record CVE forecasts.
1. Recorded Future 2026 State of Security Report Warns of Cyber as Core Global Power Tool

Cyber operations are now inseparable from physical conflict, driven by geopolitical fragmentation and AI, creating persistent threats in 2026 (Source 1). Nation-states use cyber access for coercion via network edges, with identity as the primary attack surface (Source 1). Predictions include fragmented always-on threats and connectivity disruptions as escalation tools (Source 1).

2. February 2026 Patch Tuesday: Microsoft Fixes 59 Vulnerabilities Including 6 Zero-Days

Microsoft, SAP, Intel, Adobe, and over 60 vendors released critical security patches, with Microsoft addressing 59 flaws including actively exploited zero-days (Source 2). APT28 and APT29 are likely exploiting the Microsoft issues, targeting government and infrastructure (Source 2). No exploitation has yet been reported for the new SAP, Intel TDX, or Adobe vulnerabilities (Source 2).

3. FIRST Forecasts Over 50,000 CVEs in 2026, Potentially Surging to Six Figures

Cybersecurity group FIRST predicts 50,000+ CVE disclosures in 2026, with a median of 59,000 and an upper range near 117,000, straining security teams (Source 7). Organizations must prioritize high-risk vulnerabilities amid expanding asset estates (Source 7). The three-year outlook shows sustained high volumes through 2028 (Source 7).

4. Google Detects State-Backed Hackers Abusing Gemini AI for Recon and Phishing

Nation-state actors use Google's Gemini AI for target profiling, phishing kits like COINBAIT, and malware staging with HONESTCUE (Source 8). The activities are linked to the financially motivated UNC5356 cluster (Source 8). This highlights AI's role in enhancing attacker capabilities (Source 8).

5. Apple Patches Critical Zero-Day CVE-2026-20700 Exploited in Targeted Attacks

Apple fixed a memory corruption vulnerability in dyld (CVE-2026-20700) exploited in targeted attacks, affecting iPhone 11+, iPads, and macOS Tahoe (Source 10, Source 14). It was discovered by Google's Threat Analysis Group and linked to prior 2025 campaigns (Source 10). Users are urged to update to iOS 18.7.5 and macOS Tahoe 26.3 immediately (Source 10).

6. China-Linked Storm 2603 Exploits SmarterMail Flaws for Warlock Ransomware

Threat actor Storm 2603 used the CVE-2026-23760 authentication bypass in SmarterMail to deploy Warlock ransomware (Source 6). CISA added CVE-2026-24423 to its Known Exploited Vulnerabilities catalog on Feb 5, with exploitation since Jan 28 (Source 6). Targets are small to medium businesses using SmarterMail as an Exchange alternative (Source 6).

7. Chinese APTs Salt Typhoon and UNC3886 Embed in Global Telecom Infrastructure

Chinese state-linked groups exploit routers and firewalls from Cisco, Ivanti, and others, using rootkits for stealthy persistence (Source 4). Systematic intrusions have hit telecom worldwide over recent years (Source 4). CYFIRMA also reports a Leora Infotech data breach by KaruHunters on the dark web (Source 4).

8. AI Accelerates Cybercrime: Lowered Costs, Identity as New Perimeter

AI reduces cyberattack costs to near zero, enabling ransomware at 10x speed and 80% AI phishing with MFA bypass (Source 3). Fortinet predicts cybercrime acceleration via AI automation; budgets rise 25%+ for AI risks (Source 3). Employee public AI use doubled, mirroring threat actor speed (Source 3).

9. International AI Safety Report 2026 Highlights GPAI in Cyberattacks

The report assesses general-purpose AI enabling cyberattacks via vulnerability identification and code execution, used by criminals and states (Source 5). AI scales attack preparation but is not yet fully autonomous; dual-use challenges hinder restrictions (Source 5). It is the largest global AI safety collaboration, led by Yoshua Bengio (Source 5).

10. Hacktivists, State Actors from Russia, China Target Global Defense Industry

Google warns of attacks by Russian, Chinese, North Korean, and Iranian actors on the defense sector, alongside hacktivists and cybercriminals (Source 11). Ongoing campaigns exploit supply chains and remote access vectors (Source 11). This highlights defense as a high-value target amid geopolitical tensions (Source 11).

11. World Leaks Ransomware Deploys Custom 'RustyRocket' Malware

Ransomware group World Leaks added the stealthy custom malware RustyRocket to its operations (Source 13). A surge in ransomware prompts US federal cybersecurity guidance and enforcement (Source 15). This reflects evolving tactics in persistent criminal ecosystems (Source 13, Source 15).

12. Fake 7-Zip Site Spreads Trojan Creating Residential Proxy Network

Trojanized 7-Zip installers, plus HolaVPN and TikTok fakes, build a proxy botnet using obfuscation and anti-detection (Source 10). The campaign employs rotating C2 domains and DNS-over-HTTPS (Source 10). It extends supply-chain risks in software downloads (Source 10).

Latest Internet & Cybersecurity News | DeckBook AI