Latest Internet & Cybersecurity News

📅February 13, 2026 at 1:00 PM
Critical patches from Microsoft and Apple address exploited zero-days; ransomware surges via SmarterMail flaws; major telco breaches and supply chain attacks dominate global cybersecurity threats.
1

Microsoft February 2026 Patch Tuesday Fixes 59 CVEs Including Six Zero-Days

Microsoft released patches for 59 vulnerabilities affecting Windows, Office, and other components, addressing six zero-day flaws actively exploited in the wild, such as CVE-2026-21510 and CVE-2026-21513 with CVSS scores of 8.8 (Source 3). Critical issues in Azure ACI, Notepad RCE, and Hyper-V were also fixed; immediate deployment is urged to prevent exploitation (Source 3).

2

Apple Patches Critical Zero-Day CVE-2026-20700 in dyld Exploited in Targeted Attacks

Apple addressed CVE-2026-20700, a memory corruption vulnerability in its Dynamic Link Editor, exploited in sophisticated attacks against specific individuals across iOS, macOS, and other platforms (Source 6, Source 10). Discovered by Google's Threat Analysis Group, it allows arbitrary code execution; users should update to iOS 18.7.5 and macOS Tahoe 26.3 immediately (Source 6).

3

China-Linked Storm 2603 Exploits SmarterMail Flaws for Warlock Ransomware

Threat actor Storm 2603 abused the CVE-2026-23760 authentication bypass in SmarterMail to deploy Warlock ransomware, using admin functions to evade detection and installing Velociraptor for persistence (Source 4). CVE-2026-24423 enables unauthenticated RCE; CISA added it to its Known Exploited Vulnerabilities catalog on Feb 5, following attacks since Jan 28 (Source 4). SmarterTools confirmed its own breach via an unpatched VM (Source 4).

4

Supply Chain Attack on Outlook Add-in Exposes 4,000+ Microsoft Credentials

The abandoned Outlook add-in AgreeTo was hijacked for phishing, capturing over 4,000 Microsoft credentials, credit cards, and banking details via outlook-one.vercel.app (Source 2, Source 3). Served from Microsoft's store, it highlights the risks of unmaintained apps in enterprise marketplaces (Source 2).

5

State-Sponsored Lotus Blossom Hijacks Notepad++ Updates for Malware Delivery

Lotus Blossom compromised the Notepad++ update infrastructure from June to December 2025, delivering malicious NSIS installers with Cobalt Strike via DLL side-loading to Southeast Asian targets in government, telco, and finance (Source 2). The attackers misused Bitdefender components for evasion and rotated C2 servers (Source 2).

6

Odido Telco Breach Leaks Data of 6.2 Million Dutch Customers

Dutch telco Odido suffered a cyberattack exposing names, addresses, phone numbers, IBANs, and ID numbers of 6.2 million users from a customer contact system (Source 8). Services remained operational; attackers terminated access, but the status of the data on the dark web is unknown (Source 8).

7

Chinese APTs Salt Typhoon and UNC3886 Embed in Global Telecom Infrastructure

State-linked groups like Salt Typhoon exploit routers from Cisco, Juniper, and others with rootkits for long-term persistence in worldwide telecom networks (Source 1). They modify configurations for stealthy access to critical infrastructure (Source 1).

8

Leora Infotech Data Breach Advertised by KaruHunters on Dark Web

India-based IT firm Leora Infotech's database was compromised and offered for $200 by KaruHunters on Feb 6, highlighting risks to service providers (Source 1). The group specializes in data leaks from underground forums (Source 1).

9

Kimwolf IoT Botnet Disrupts I2P Anonymity Network

Over 2 million compromised Android TV boxes in the Kimwolf botnet flooded I2P for C2 purposes, causing outages as collateral damage to privacy tech (Source 2). Botmasters sought resilient infrastructure, showing IoT threats to anonymity networks (Source 2).

10

EU Launches Revised Cybersecurity Act and NIS2 Amendments

The European Commission proposed updates to simplify certification, expand ENISA powers, and improve ransomware data collection under NIS2 (Source 5). A new ICT Supply Chain Security Toolbox addresses risks across supply chains (Source 13).

11

French CNIL Fines Agency €5M for Massive Jobseeker Data Breach

CNIL sanctioned a French governmental agency €5 million after a cyberattack exposed jobseeker data due to poor account security and monitoring (Source 5). Additional fines hit telco subsidiaries for a 24-million-record leak with retention issues (Source 5).

12

BeyondTrust CVE-2026-1731 Exploited Within 24 Hours of PoC Release

Hackers targeted the BeyondTrust vulnerability CVE-2026-1731 immediately after its Feb 10 PoC release, with GreyNoise detecting attacks shortly after (Source 7). The rapid exploitation underscores the need for swift patching (Source 7).