The **GPUGate malware campaign** continues to evolve, now leveraging **Claude AI artifacts and Google Ads** to distribute **MacSync and AMOS infostealers** via **ClickFix attacks**. Over **15,600 users** have accessed malicious Claude-generated guides, which instruct victims to execute Terminal commands fetching malware payloads. This follows earlier waves abusing **ChatGPT/Grok chats, fake GitHub repositories, and malvertising** to deploy stealers targeting credentials, crypto wallets, and system data. The campaign, active since **April 2023**, has expanded from traditional phishing to **abusing AI ecosystems, supply-chain weaknesses, and trusted platforms** (e.g., Homebrew, LogMeIn, AI assistants). Russian-speaking actors operate **AMOS as a Malware-as-a-Service (MaaS)**, with stolen logs sold in underground markets to fuel fraud, ransomware, and account takeovers. The latest **Claude artifact abuse** underscores the shift toward **high-impact, scalable distribution channels**, exploiting weak platform vetting and user trust in AI-generated content. Organizations should monitor for **suspicious Terminal activity, C2 traffic to domains like `a2abotnet[.]com`, and unauthorized data egress** while educating users on **ClickFix-style lures** and unverified AI tool instructions.

South Korea's Personal Information Protection Commission (PIPC) fined Louis Vuitton, Christian Dior Couture, and Tiffany a total of $25 million for failing to implement adequate security measures, leading to data breaches that exposed over 5.5 million customers' personal information. The breaches occurred due to malware infection, phishing attacks, and inadequate access controls on cloud-based customer management services. The fines were imposed for violations such as not restricting access rights to IP addresses, failing to apply secure authentication methods, and delaying breach notifications beyond the legally required 72-hour window.

A coordinated spear-phishing campaign, dubbed PhantomCaptcha, targeted organizations involved in Ukraine's war relief efforts. The campaign delivered a remote access trojan (RAT) using a WebSocket for command-and-control (C2). The attack took place on October 8, 2025, and impersonated the Ukrainian President's Office, using weaponized PDFs and fake Zoom meetings to trick victims into executing malicious PowerShell commands. The malware performed reconnaissance and enabled remote command execution and data exfiltration. The campaign targeted members of the International Red Cross, Norwegian Refugee Council, UNICEF Ukraine, Council of Europe's Register of Damage for Ukraine, and Ukrainian regional government administrations. The malware was hosted on Russian-owned infrastructure and connected to a remote WebSocket server for C2 operations. The campaign took six months to prepare and involved a sophisticated multi-stage spear-phishing operation, with the weaponized PDF appearing as a legitimate governmental communique. The attack chain included a heavily obfuscated PowerShell downloader to bypass signature-based defenses and hinder analysis. The second-stage payload collected various user data, which was XOR-encrypted and sent to the C2 server. The final payload was a lightweight PowerShell backdoor that repeatedly reconnected to the remote WebSocket server. The campaign demonstrated extensive operational planning, compartmentalized infrastructure, and deliberate exposure control, with the infrastructure active only for a single day. A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL. Google Threat Intelligence Group (GTIG) described the hack group as possibly affiliated with Russian intelligence services. The threat actor is assessed to have targeted defense, military, government, and energy organizations within the Ukrainian regional and national governments. The group has also exhibited growing interest in aerospace organizations, manufacturing companies with military and drone ties, nuclear and chemical research organizations, and international organizations involved in conflict monitoring and humanitarian aid in Ukraine.

State-sponsored actors from China, Iran, North Korea, and Russia have intensified cyber operations against the defense industrial base (DIB) sector. The attacks focus on defense entities involved in the Russia-Ukraine War, exploitation of hiring processes, use of edge devices for initial access, and supply chain risks from breaches in the manufacturing sector. The campaigns involve sophisticated malware, phishing, and social engineering tactics to evade detection and exfiltrate sensitive data.

VoidLink is a Linux-based command-and-control (C2) framework capable of long-term intrusion across cloud and enterprise environments. The malware generates implant binaries designed for credential theft, data exfiltration, and stealthy persistence on compromised systems. VoidLink combines multi-cloud targeting with container and kernel awareness in a single Linux implant, fingerprinting environments across major cloud providers and adjusting its behavior based on what it finds. The implant harvests credentials from environment variables, configuration files, and metadata APIs, and profiles security controls, kernel versions, and container runtimes before activating additional modules. VoidLink employs a modular plugin-based architecture that loads functionality as needed, including credential harvesting, environment fingerprinting, container escape, Kubernetes privilege escalation, and kernel-level stealth. The malware uses AES-256-GCM over HTTPS for encrypted C2 traffic, designed to resemble normal web activity. VoidLink stands out for its apparent development using a large language model (LLM) coding agent with limited human review, as indicated by unusual development artifacts such as structured "Phase X:" labels, verbose debug logs, and documentation left inside the production binary. The research concludes that VoidLink is not a proof-of-concept but an operational implant with live infrastructure, highlighting how AI-assisted development is lowering the barrier to producing functional, modular, and hard-to-detect malware. A previously unknown threat actor tracked as UAT-9921 has been observed leveraging VoidLink in campaigns targeting the technology and financial services sectors. UAT-9921 has been active since 2019, although they have not necessarily used VoidLink over the duration of their activity. The threat actor uses compromised hosts to install VoidLink command-and-control (C2), which are then used to launch scanning activities both internal and external to the network. VoidLink is deployed as a post-compromise tool, allowing the adversary to sidestep detection. The threat actor has been observed deploying a SOCKS proxy on compromised servers to launch scans for internal reconnaissance and lateral movement using open-source tools like Fscan. VoidLink uses three different programming languages: ZigLang for the implant, C for the plugins, and GoLang for the backend. The framework supports compilation on demand for plugins, providing support for the different Linux distributions that might be targeted. The plugins allow for gathering information, lateral movement, and anti-forensics. VoidLink comes fitted with a wide range of stealth mechanisms to hinder analysis, prevent its removal from the infected hosts, and even detect endpoint detection and response (EDR) solutions and devise an evasion strategy on the fly. VoidLink has an auditability feature and a role-based access control (RBAC) mechanism, which consists of three role levels: SuperAdmin, Operator, and Viewer. There are signs that there exists a main implant that has been compiled for Windows and can load plugins via a technique called DLL side-loading.

Criminal IP has integrated its threat intelligence platform with IBM QRadar SIEM and QRadar SOAR. This integration enables security teams to leverage external IP-based threat intelligence directly within QRadar's detection, investigation, and response workflows. The integration enhances real-time threat visibility, supports interactive investigations, and extends intelligence into automated SOAR workflows, improving detection accuracy and response efficiency.

BeyondTrust has patched a critical pre-authentication remote code execution (RCE) vulnerability (CVE-2026-1731, CVSS 9.9) in Remote Support (RS) and Privileged Remote Access (PRA) products. The flaw could allow unauthenticated attackers to execute OS commands in the context of the site user, leading to unauthorized access, data exfiltration, and service disruption. The vulnerability affects RS versions 25.3.1 and prior, and PRA versions 24.3.4 and prior. Patches are available in RS versions 25.3.2 and later, and PRA versions 25.1.1 and later. Self-hosted customers must manually apply updates if not subscribed to automatic updates. The vulnerability was discovered on January 31, 2026, with approximately 11,000 exposed instances identified, including around 8,500 on-prem deployments. BeyondTrust secured all RS/PRA cloud systems by February 2, 2026. The flaw was discovered by Harsh Jaiswal and the Hacktron AI team. Threat actors can exploit the flaw through maliciously crafted client requests in low-complexity attacks that do not require user interaction. In June 2025, BeyondTrust fixed a high-severity RS/PRA Server-Side Template Injection vulnerability. Attackers have begun actively exploiting the CVE-2026-1731 vulnerability in the wild, abusing the get_portal_info endpoint to extract the x-ns-company value before establishing a WebSocket channel. A proof-of-concept exploit targeting the /get_portal_info endpoint was published on GitHub. CISA has added four vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including CVE-2026-20700, CVE-2025-15556, CVE-2025-40536, and CVE-2024-43468. CVE-2024-43468 was patched by Microsoft in October 2024 but is still being exploited in real-world attacks. CISA ordered U.S. government agencies to secure their systems against CVE-2024-43468 by March 5, 2026. CVE-2026-20700 was acknowledged by Apple to have been exploited in sophisticated attacks against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-15556 exploitation has been attributed to the China-linked state-sponsored threat actor Lotus Blossom, delivering a previously undocumented backdoor called Chrysalis.

The Munich Security Index (MSI) 2026 report highlights that G7 nations have identified cyber threats as their most significant risk for the second consecutive year. Cyber-attacks were ranked as the top concern in 2025, followed by economic or financial crises and disinformation campaigns. This trend contrasts with the BICS nations, where cyber threats have fallen to eighth place, with climate change now seen as the most urgent risk. In the UK, US, and India, concerns over various threats have grown, particularly in the US, where economic and political instability is a major concern. The report is based on surveys conducted in November 2025, with a margin of error of 3.1 percent.

The Cybersecurity and Infrastructure Security Agency (CISA) has announced a series of virtual town hall meetings to gather stakeholder input on the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) rulemaking. These meetings aim to finalize the rule, which will require covered organizations to report cyber incidents within 72 hours and ransom payments within 24 hours. The first town hall is scheduled for March 9, with updates available on CISA's website.

Over 260,000 Google Chrome users downloaded fake AI assistant extensions that steal login credentials, monitor emails, and enable remote access. Researchers at LayerX identified over 30 malicious extensions as part of a coordinated campaign called AiFrame. The extensions mimicked popular AI assistants like Claude AI, ChatGPT, Grok, and Google Gemini. The campaign used extension spraying to evade takedowns, directing users to remote infrastructure to avoid detection. The extensions exfiltrate data from Chrome and Gmail to attacker-controlled servers. LayerX warns that these extensions act as general-purpose access brokers, capable of harvesting data and monitoring user behavior. Many extensions have been removed from the Chrome Web Store, but users who downloaded them remain at risk. Additionally, cybersecurity researchers have discovered a malicious Google Chrome extension named CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl) that steals TOTP codes for Facebook and Meta Business accounts, Business Manager contact lists, and analytics data. The extension exfiltrates data to infrastructure controlled by the threat actor, including a backend at getauth[.]pro and a Telegram channel. The extension has 33 users as of writing and was first uploaded to the Chrome Web Store on March 1, 2025. About 500,000 VKontakte users have had their accounts silently hijacked through Chrome extensions masquerading as VK customization tools. The large-scale campaign has been codenamed VK Styles. The malware embedded in the extensions is designed to engage in active account manipulation by automatically subscribing users to the attacker's VK groups, resetting account settings every 30 days to override user preferences, manipulating CSRF tokens to bypass VK's security protections, and maintaining persistent control. The activity has been traced to a threat actor operating under the GitHub username 2vk, who has relied on VK's own social network to distribute malicious payloads and build a follower base through forced subscriptions. A report published by Q Continuum found a huge collection of 287 Chrome extensions that exfiltrate browsing history to data brokers. These extensions have 37.4 million installations, representing roughly 1% of the global Chrome userbase.

In December 2025, npm completed a major authentication overhaul to reduce supply-chain attacks following the Sha1-Hulud incident. The update includes revoking classic tokens and defaulting to session-based tokens, improving token management, and encouraging OIDC Trusted Publishing. However, risks remain due to optional MFA for publishing and potential MFA phishing attacks. The changes aim to mitigate attacks like those on ChalkJS, where MFA phishing led to malicious package uploads. Despite improvements, optional MFA and long-lived tokens still pose risks. Recommendations include enforcing MFA for local package uploads and adding metadata to package releases to enhance security.

Microsoft has resolved a bug in its Family Safety service that was preventing Google Chrome and other web browsers from launching on Windows 10 and Windows 11 systems. The issue, acknowledged in June 2025, caused browsers to crash or fail to launch due to a problem with the web filtering tool. The bug affected devices running Windows 10 22H2 and Windows 11 22H2 or later. Microsoft deployed a service-side fix in early February 2026 to address the problem.

The Russian government is escalating its crackdown on communication platforms outside its control, attempting to block WhatsApp and aggressively throttling Telegram. This follows previous restrictions on WhatsApp, including throttling voice and video calls and blocking new user registrations. The move is part of a broader effort to push citizens toward the Kremlin-controlled MAX messenger app, which has been mandatory on electronic devices since September 2025. WhatsApp has condemned the action, stating it will continue efforts to keep users connected. The Russian internet watchdog, Roskomnadzor, has cited countering crime and fraud as the reason for these measures.

Two malware strains were discovered in an organization's network after attackers exploited two zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). The vulnerabilities, CVE-2025-4427 and CVE-2025-4428, allow for authentication bypass and remote code execution, respectively. Attackers used these flaws to gain access to the EPMM server, execute arbitrary code, and maintain persistence. The attack began around May 15, 2025, following the publication of a proof-of-concept exploit. The malware sets include loaders that enable arbitrary code execution and data exfiltration. The vulnerabilities affect Ivanti EPMM development branches 11.12.0.4, 12.3.0.1, 12.4.0.1, and 12.5.0.0 and their earlier releases. A China-nexus espionage group was leveraging the vulnerabilities since at least May 15, 2025. The threat actor targeted the /mifs/rs/api/v2/ endpoint with HTTP GET requests and used the ?format= parameter to send malicious remote commands. The malware sets include distinct loaders with the same name, and malicious listeners that allow injecting and running arbitrary code on the compromised system. The threat actor delivered the malware through separate HTTP GET requests in segmented, Base64-encoded chunks. Organizations are advised to update their EPMM instances, monitor for suspicious activity, and implement access restrictions to prevent unauthorized access to mobile device management systems. Ivanti has disclosed two additional critical vulnerabilities, CVE-2026-1281 and CVE-2026-1340, which were exploited in zero-day attacks. These code-injection vulnerabilities allow remote attackers to execute arbitrary code on vulnerable devices without authentication. Ivanti has released RPM scripts to mitigate the vulnerabilities and advises applying them as soon as possible. The vulnerabilities will be permanently fixed in EPMM version 12.8.0.0, scheduled for release later in Q1 2026. CISA has added CVE-2026-1281 to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation. The vulnerabilities affect EPMM versions 12.5.0.0 and prior, 12.6.0.0 and prior, and 12.7.0.0 and prior (Fixed in RPM 12.x.0.x), and EPMM 12.5.1.0 and prior and 12.6.1.0 and prior (Fixed in RPM 12.x.1.x). The RPM patch does not survive a version upgrade and must be reapplied if the appliance is upgraded to a new version. The vulnerabilities affect the In-House Application Distribution and the Android File Transfer Configuration features and do not affect other products, including Ivanti Neurons for MDM, Ivanti Endpoint Manager (EPM), or Ivanti Sentry. Successful exploitation of the EPMM appliance will enable arbitrary code execution on the appliance and allow lateral movement to the connected environment. EPMM contains sensitive information about devices managed by the appliance. Legitimate use of the capabilities will result in 200 HTTP response codes in the Apache Access Log, whereas successful or attempted exploitation will cause 404 HTTP response codes. Customers are advised to review EPMM administrators for new or recently changed administrators, authentication configuration, new push applications for mobile devices, configuration changes to applications, new or recently modified policies, and network configuration changes. In the event of compromise, users are advised to restore the EPMM device from a known good backup or build a replacement EPMM and then migrate data to the device. After restoring, users should reset the password of any local EPMM accounts, reset the password for the LDAP and/or KDC service accounts, revoke and replace the public certificate used for EPMM, and reset the password for any other internal or external service accounts configured with the EPMM solution. The Dutch Data Protection Authority (AP) and the Council for the Judiciary confirmed that their systems were impacted by cyber attacks exploiting Ivanti EPMM vulnerabilities. Work-related data of AP employees, including names, business email addresses, and telephone numbers, were accessed by unauthorized persons. The European Commission identified traces of a cyber attack that may have resulted in access to names and mobile numbers of some of its staff members. Finland's state information and communications technology provider, Valtori, disclosed a breach that exposed work-related details of up to 50,000 government employees. The attacker gained access to information used in operating the service, including names, work email addresses, phone numbers, and device details. Investigations showed that the management system did not permanently delete removed data but only marked it as deleted, potentially compromising device and user data belonging to all organizations that have used the service during its lifecycle. The European Commission's central infrastructure managing mobile devices discovered signs of a breach on January 30, 2026, which may have resulted in access to staff names and mobile numbers. The Dutch justice and security secretary confirmed that the Council for the Judiciary (Rvdr) and the Dutch Data Protection Authority (AP) were breached, with unauthorized access to work-related data of AP employees, including names, business email addresses, and telephone numbers. Finnish government ICT center Valtori discovered a breach on January 30, 2026, affecting its mobile device management service, potentially exposing details of up to 50,000 government workers. Ivanti released patches for two critical (CVSS 9.8) zero-day bugs in EPMM on January 29, 2026, noting that a very limited number of customers had been exploited at the time of disclosure. CVE-2026-1281 and CVE-2026-1340 are code injection flaws that could allow attackers to achieve unauthenticated remote code execution. A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO. GreyNoise recorded 417 exploitation sessions from 8 unique source IP addresses between February 1 and 9, 2026, with 83% originating from 193.24.123[.]42. The same IP address exploited three other CVEs across unrelated software, indicating the use of automated tooling. 85% of the exploitation sessions beaconed home via DNS to confirm target exploitability without deploying malware or exfiltrating data. PROSPERO is linked to another autonomous system called Proton66, which has a history of distributing desktop and Android malware. Defused Cyber reported a "sleeper shell" campaign that deployed a dormant in-memory Java class loader to compromised EPMM instances, indicative of initial access broker tradecraft. Organizations are advised to apply patches, audit internet-facing MDM infrastructure, review DNS logs for OAST-pattern callbacks, monitor for the /mifs/403.jsp path on EPMM instances, and block PROSPERO's autonomous system (AS200593) at the network perimeter level.

Bitwarden has introduced 'Cupid Vault,' a new feature allowing users to securely share passwords with trusted individuals via a shared vault. This feature is available to all users, including those on the free plan, and supports two-person shared vaults called 'Organizations.' The shared vault is isolated from personal vaults, and access can be revoked at any time. The feature includes security measures such as fingerprint verification to prevent unauthorized access. Cupid Vault is designed for sharing login credentials for media streaming services and other online platforms. It is available ahead of Valentine's Day and is limited to 2 collections and 2 users for free plan users. Paid plans already offer similar features with more advanced capabilities.

A China-linked hacking group, UNC6384 (Mustang Panda), is exploiting a Windows zero-day vulnerability (CVE-2025-9491) to target European diplomats in Hungary, Belgium, Italy, the Netherlands, and Serbian government agencies. The campaign involves spearphishing emails with malicious LNK files to deploy the PlugX RAT and gain persistence on compromised systems. The attacks have broadened in scope to include diplomatic entities from Italy and the Netherlands. The zero-day vulnerability allows for remote code execution on targeted Windows systems, enabling the group to monitor diplomatic communications and steal sensitive data. Microsoft has not yet released a patch for this vulnerability, which has been heavily exploited by multiple state-sponsored groups and cybercrime gangs since March 2025. Microsoft has silently mitigated the vulnerability by changing LNK files in the November updates to display all characters in the Target field, not just the first 260. ACROS Security has also released an unofficial patch to limit shortcut target strings to 260 characters and warn users about potential dangers. Security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LNK shortcut files that allow attackers to deploy malicious payloads. Beukema documented four previously unknown techniques for manipulating Windows LNK shortcut files to hide malicious targets from users inspecting file properties. The discovered issues exploit inconsistencies in how Windows Explorer prioritizes conflicting target paths specified across multiple optional data structures within shortcut files. The most effective variants use forbidden Windows path characters, such as double quotes, to create seemingly valid but technically invalid paths, causing Explorer to display one target while executing another. The most powerful technique identified involves manipulating the EnvironmentVariableDataBlock structure within LNK files to display a fake target in the properties window while actually executing PowerShell or other malicious commands. Microsoft declined to classify the EnvironmentVariableDataBlock issue as a security vulnerability, arguing that exploitation requires user interaction and does not breach security boundaries. Microsoft Defender has detections in place to identify and block this threat activity, and Smart App Control provides an additional layer of protection by blocking malicious files from the Internet. Beukema released "lnk-it-up," an open-source tool suite that generates Windows LNK shortcuts using these techniques for testing and can identify potentially malicious LNK files by predicting what Explorer displays versus what actually executes. CVE-2025-9491 was widely exploited by at least 11 state-sponsored groups and cybercrime gangs, including Evil Corp, Bitter, APT37, APT43 (also known as Kimsuky), Mustang Panda, SideWinder, RedHotel, Konni, and others.

The Qilin ransomware group has confirmed the theft of nearly **1TB of data** from **Conpet S.A.**, Romania’s national oil pipeline operator, following a cyberattack on February 5, 2026. While the company’s **operational technologies (SCADA and telecommunications) remained unaffected**, the breach compromised corporate IT systems, exposing internal documents—including financial records and passport scans—some dated as recently as **November 2025**. Conpet has warned of potential fraud risks stemming from the stolen data and is working with Romania’s **National Cyber Security Directorate (DNSC)** to investigate the incident. This attack is part of Qilin’s broader 2025–2026 campaign, which has targeted high-profile victims across **62 countries**, including **Asahi Group (Japan)**, **Mecklenburg County Public Schools (U.S.)**, **Creative Box Inc. (Nissan subsidiary)**, and **Synnovis (UK pathology provider)**. The group employs **hybrid tactics**, such as abusing **Windows Subsystem for Linux (WSL)** to deploy Linux encryptors on Windows systems, **BYOVD (Bring Your Own Vulnerable Driver) exploits**, and **supply-chain compromises via Managed Service Providers (MSPs)**. Qilin’s **double-extortion model**—combining encryption with data leaks—has disrupted critical infrastructure, manufacturing, and financial sectors, with **over 700 confirmed victims in 2025 alone**. Recent developments include **politically charged leaks in South Korea** and **collaborations with affiliates like Scattered Spider**, underscoring the group’s evolving threat to global cybersecurity.

Dutch telecommunications provider Odido suffered a cyberattack that exposed personal data of 6.2 million customers. The breach occurred in their customer contact system, but no passwords, call logs, or billing information were affected. The company detected the incident on February 7 and has since taken steps to secure their systems and notify affected customers. The exposed data includes full names, addresses, mobile numbers, customer numbers, email addresses, IBANs, dates of birth, and identification data. Odido has reported the breach to the Dutch Data Protection Authority and is working with external cybersecurity experts to mitigate the incident.

A critical remote code execution (RCE) vulnerability (CVE-2026-1357) in the WPvivid Backup & Migration plugin for WordPress, installed on over 900,000 websites, allows unauthenticated attackers to upload arbitrary files. The flaw, rated 9.8 in severity, affects versions up to 0.9.123 and can lead to complete website takeover. The vulnerability stems from improper error handling in RSA decryption and lack of path sanitization, enabling directory traversal and malicious PHP file uploads. The issue is mitigated by a 24-hour exploitation window and the need for the 'receive backup from another site' option to be enabled. A patch (version 0.9.124) was released on January 28, 2026, addressing the flaw by improving error handling, filename sanitization, and restricting uploads to specific file types.

The Lazarus Group, a North Korea-linked threat actor, has expanded its operations to target European defense companies in 2025, leveraging a coordinated Operation DreamJob campaign. The attack involved fake recruitment lures and the deployment of various malware, including the ScoringMathTea RAT. This campaign follows earlier attacks on a decentralized finance (DeFi) organization in 2024, where the group deployed multiple cross-platform malware variants, including PondRAT, ThemeForestRAT, and RemotePE. In 2026, North Korean hackers have been observed using AI-generated video and the ClickFix technique to deliver malware for macOS and Windows to targets in the cryptocurrency sector. The threat actor's goal is financial, as suggested by the role of the tools used in an attack on a fintech company investigated by Google's Mandiant researchers. The attack had a strong social engineering component, with the victim being contacted over Telegram from a compromised executive account. The hackers used a Calendly link to a spoofed Zoom meeting page and showed a deepfake video of a CEO to facilitate the attack. Mandiant researchers found seven distinct macOS malware families attributed to UNC1069, a threat group they've been tracking since 2018. UNC1069 has been active since at least April 2018 and is also tracked under the monikers CryptoCore and MASAN. The group has used generative AI tools like Gemini to produce lure material and other messaging related to cryptocurrency. They have attempted to misuse Gemini to develop code to steal cryptocurrency and have leveraged deepfake images and video lures mimicking individuals in the cryptocurrency industry. The group has shifted from spear-phishing techniques and traditional finance (TradFi) targeting towards the Web3 industry since at least 2023, targeting centralized exchanges (CEX), software developers at financial institutions, high-technology companies, and individuals at venture capital funds. In the latest intrusion documented by Google's threat intelligence division, UNC1069 deployed as many as seven unique malware families, including several new malware families such as SILENCELIFT, DEEPBREATH, and CHROMEPUSH. The attack involved a social engineering scheme using a compromised Telegram account, a fake Zoom meeting, a ClickFix infection vector, and reported usage of AI-generated video to deceive the victim. The group used a fake website masquerading as Zoom to deceive victims and reused videos of previous victims to deceive new victims. The attack proceeded with a ClickFix-style troubleshooting command to deliver malware, leading to the deployment of various malicious components designed to gather system information, provide hands-on keyboard access, and steal sensitive data. Additionally, the Lazarus Group has been active since May 2025 with a campaign codenamed graphalgo, involving malicious packages in npm and PyPI repositories. Developers are targeted via social platforms like LinkedIn, Facebook, and Reddit. The campaign includes a fake company named Veltrix Capital in the blockchain and cryptocurrency trading space. Malicious packages are used to deploy a remote access trojan (RAT) that fetches and executes commands from an external server. The RAT supports commands to gather system information, enumerate files and directories, list running processes, create folders, rename files, delete files, and upload/download files. The command-and-control (C2) communication is protected by a token-based mechanism. The campaign checks for the MetaMask browser extension, indicating a focus on cryptocurrency theft. A malicious npm package called "duer-js" was found to harbor a Windows information stealer called Bada Stealer, capable of gathering Discord tokens, passwords, cookies, autofill data, cryptocurrency wallet details, and system information. Another malware campaign weaponizes npm to extort cryptocurrency payments from developers during package installation, blocking installation until victims pay 0.1 USDC/ETH to the attacker's wallet.

World Leaks, a data extortion group, has added a new malware called RustyRocket to its arsenal. This sophisticated tool, written in Rust, targets both Windows and Linux environments, enabling stealthy data exfiltration and proxy traffic. The malware uses multi-layered encryption and requires a pre-encrypted configuration at runtime, making it difficult to detect. World Leaks has been active since early 2025, gaining initial access through social engineering, stolen credentials, or exposed infrastructure. The group has targeted high-profile companies, including Nike, and has been known to expose stolen data if ransom demands are not met.

Microsoft has patched a command injection flaw (CVE-2026-20841, CVSS score: 8.8) in Notepad for Windows 11. The vulnerability allows remote code execution when users click malicious links in Markdown files. The flaw was exploited by creating Markdown files with 'file://' links to executable files or special URIs to run arbitrary payloads. The issue was fixed in the February 2026 Patch Tuesday update. The vulnerability could execute code in the context of the user opening the Markdown file, granting attackers the same permissions as that user.

TrendAI has identified AI skills, which combine human-readable text with LLM-executable instructions, as a dangerous new attack surface. These skills, used to scale AI operations, pose risks of data theft, sabotage, and disruption. Attackers exploiting these skills could access sensitive organizational data and decision-making logic, leading to potential breaches in various sectors. The risks are particularly acute for AI-enabled SOCs, where injection attacks and detection blind spots are major concerns. TrendAI recommends an eight-phase kill chain model to detect and mitigate threats from unstructured text data, emphasizing the need for skills integrity monitoring and anomaly detection.

A 2026 market intelligence study reveals a significant divide in enterprise security programs based on Continuous Threat Exposure Management (CTEM) adoption. Organizations implementing CTEM show 50% better attack surface visibility and 23-point higher solution adoption. Only 16% of surveyed enterprises have adopted CTEM, while 84% lag behind. The study highlights the importance of CTEM in managing complex attack surfaces and the challenges in gaining organizational buy-in.

In 2025, approximately 50 to 61 percent of newly disclosed vulnerabilities were weaponized within 48 hours, driven by automated attack systems. The time to exploit (TTE) dropped from 745 days in 2020 to 44 days in 2025, with n-day exploits representing over 80% of the CVEs listed in the VulnDB database. Attackers exploit the delay between vulnerability disclosure and patch deployment, which often follows a slower, human-driven process. The traditional patching cadence is no longer sustainable as attackers use AI and automation to rapidly weaponize vulnerabilities, while defenders struggle to keep up. The exploitation economy operates at machine speed, with threat actors leveraging automated scripts, AI, and dark web forums to quickly develop and distribute exploits. Defenders face challenges due to the need for near-perfect stability and the risk of service interruptions, which attackers do not consider. To mitigate this, organizations must transition to automated, policy-driven remediation to close the gap between vulnerability disclosure and patch deployment.

Apple has released emergency updates to address a new zero-day vulnerability (CVE-2026-20700) in dyld, which was exploited in sophisticated attacks targeting specific individuals. This flaw, along with two previously disclosed vulnerabilities (CVE-2025-43529 and CVE-2025-14174) in WebKit, were exploited in the same incidents. The flaws can lead to remote code execution and memory corruption when processing maliciously crafted web content. The affected devices include various iPhone and iPad models running versions of iOS before iOS 26, as well as Mac devices running macOS Tahoe. Apple and Google's Threat Analysis Group discovered the vulnerabilities, and Google has also patched the same flaw (CVE-2025-14174) in Google Chrome, indicating coordinated disclosure. While the attacks were highly targeted, users are advised to update their devices promptly to mitigate ongoing risks. With these updates, Apple has now patched nine zero-day vulnerabilities that were exploited in the wild in 2025 and one in 2026.

Google's Threat Intelligence Group (GTIG) has identified new malware families that leverage artificial intelligence (AI) and large language models (LLMs) for dynamic self-modification during execution. These malware families, including PromptFlux, PromptSteal, FruitShell, QuietVault, and PromptLock, demonstrate advanced capabilities for evading detection and maintaining persistence. PromptFlux, an experimental VBScript dropper, uses Google's LLM Gemini to generate obfuscated VBScript variants and evade antivirus software. It attempts persistence via Startup folder entries and spreads laterally on removable drives and mapped network shares. The malware is under development or testing phase and is assessed to be financially motivated. PromptSteal is a data miner written in Python that queries the LLM Qwen2.5-Coder-32B-Instruct to generate one-line Windows commands to collect information and documents in specific folders and send the data to a command-and-control (C2) server. It is used by the Russian state-sponsored actor APT28 in attacks targeting Ukraine. State-backed hackers from China (APT31, Temp.HEX), Iran (APT42), North Korea (UNC2970), and Russia have used Gemini AI for all stages of an attack, including reconnaissance, phishing lure creation, C2 development, and data exfiltration. Chinese threat actors used Gemini to automate vulnerability analysis and provide targeted testing plans against specific US-based targets. Iranian adversary APT42 leveraged Gemini for social engineering campaigns and to speed up the creation of tailored malicious tools. The use of AI in malware enables adversaries to create more versatile and adaptive threats, posing significant challenges for cybersecurity defenses. Various threat actors, including those from China, Iran, and North Korea, have been observed abusing AI models like Gemini across different stages of the attack lifecycle. The underground market for AI-powered cybercrime tools is also growing, with offerings ranging from deepfake generation to malware development and vulnerability exploitation.

Microsoft's October 2025 Patch Tuesday marked the end of free security updates for Windows 10, addressing 183 vulnerabilities, including six zero-days, with the final cumulative update **KB5066791**. The update also introduced critical fixes for components like Windows SMB Server, Microsoft SQL Server, and Remote Access Connection Manager, alongside third-party vulnerabilities in AMD EPYC processors and IGEL OS. However, a newly disclosed **February 2026 Patch Tuesday** update fixed **CVE-2026-20841**, a high-severity remote code execution flaw in **Windows 11 Notepad** that allowed attackers to execute arbitrary programs via malicious Markdown links without security warnings. The flaw, affecting Notepad versions 11.2510 and earlier, exploited improper command neutralization to launch unverified protocols (e.g., `file://`, `ms-appinstaller://`). Microsoft mitigated the risk by adding execution warnings for non-HTTP(S) URIs, with updates distributed automatically via the Microsoft Store. Prior milestones included out-of-band patches for a critical **WSUS vulnerability (CVE-2025-59287)** with public exploit code, smart card authentication issues caused by cryptographic service changes, and a **RasMan zero-day** (DoS vulnerability) affecting all Windows versions. Windows 10 reached end-of-life, with Extended Security Updates (ESU) available for purchase, while Exchange Server 2016/2019 and Skype for Business 2016 also ended support. The October 2025 update remains the largest on record, with 183 CVEs pushing Microsoft’s annual vulnerability count past 1,021.

Microsoft has identified a multi-stage adversary-in-the-middle (AitM) phishing and business email compromise (BEC) campaign targeting organizations in the energy sector. The attackers abused SharePoint file-sharing services to deliver phishing payloads and created inbox rules to maintain persistence and evade detection. The campaign involved leveraging compromised internal identities to conduct large-scale phishing attacks within and outside the victim organizations. Additionally, the AgreeTo Outlook add-in was hijacked and turned into a phishing kit, stealing over 4,000 Microsoft account credentials. The threat actor deployed a fake Microsoft sign-in page, password collection page, exfiltration script, and redirect, exploiting the add-in's ReadWriteItem permissions. This is the first known instance of malware found on the official Microsoft Marketplace. The add-in was abandoned by its developer and the attacker exploited the abandoned domain to serve the phishing kit. The incident highlights the need for better monitoring of add-ins and their associated URLs.

The Crazy ransomware gang has been observed abusing legitimate employee monitoring software (Net Monitor for Employees Professional) and the SimpleHelp remote support tool to maintain persistence in corporate networks, evade detection, and prepare for ransomware deployment. The attackers used these tools to gain full interactive access to compromised systems, transfer files, execute commands, and monitor system activity in real time. They also attempted to disable Windows Defender and set up monitoring rules to detect cryptocurrency-related activities and remote access tools. The use of multiple remote access tools provided redundancy for the attackers, ensuring they retained access even if one tool was discovered or removed. The breaches were enabled through compromised SSL VPN credentials, highlighting the need for organizations to enforce MFA on all remote access services.