Threat Overview On 2026-02-27, CyberHunter_NL released a detailed threat report titled PlugX Meeting Invitation via MSBuild and GDATA. The report documents a sophisticated spear‑phishing campaign that leverages a legitimate G DATA antivirus executable and the Windows
Continue ReadingMonth: February 2026
Moonrise RAT Low Detection High Cost Threat
In the fast‑moving world of cyber‑threats, a new remote‑access trojan (RAT) has been identified that flies under the radar of conventional signature‑based defenses. The RAT, dubbed Moonrise, was first documented in a 2026 AlienVault threat report
Continue ReadingActiveMQ Vulnerability Triggers LockBit Ransomware Attack
Threat Overview On 2026-02-23 the DFIR Report identified a multi‑stage intrusion that began with exploitation of the CVE‑2023‑46604 vulnerability in an internet‑facing Apache ActiveMQ instance. The threat actor achieved remote code execution via a malicious Spring
Continue ReadingAI Powered Mass Compromise of Internet Exposed FortiGate Management Interfaces
On 2026-02-22, Amazon Threat Intelligence released a detailed advisory titled "Advisory on AI-augmented mass compromise of internet-exposed FortiGate management interfaces (600+ devices reported). " The report documents a large‑scale cyberattack that spanned 55 countries and impacted
Continue ReadingJira Spam Campaign Targets Gov and Corporate Entities
On 18 February 2026, security researchers at AlienVault released a comprehensive threat report that exposed a new and highly sophisticated spam campaign targeting government agencies and corporate organizations worldwide. The campaign leveraged the legitimate infrastructure of
Continue ReadingDell RecoverPoint Zero-Day Exploitation Report
In a recent threat intelligence briefing released by Mandiant and Google Threat Intelligence Group (GTIG) on February 19, 2026, a high‑risk zero‑day vulnerability in Dell RecoverPoint for Virtual Machines (RPVM) – CVE‑2026‑22769 – was identified as
Continue ReadingTablet Conqueror Reveals Links Between Major Android Botnets
Executive Summary On February 17, 2026, Kaspersky’s SecureList published a detailed threat report titled The Tablet Conqueror and the Links Between Major Android Botnets. The study exposes a new firmware‑level Android backdoor, Keenadu, and demonstrates its
Continue ReadingQR Code Phishing Threats Across Web and Mobile
Executive Summary QR codes have become a staple of everyday interactions, from contactless payments to event check‑ins. However, their ubiquity also makes them an attractive vector for cybercriminals. Unit 42’s latest threat report, "Phishing on the Edge
Continue ReadingStorm 2603 Targets CVE 2026 23760 to Deploy Warlock Ransomware
Threat Overview ReliaQuest has identified a new campaign, codenamed Storm 2603, that exploits a critical vulnerability in SmarterMail (CVE 2026 23760) to stage the Warlock ransomware on internet facing mail servers. The attack chain demonstrates a
Continue ReadingAttacker Use of RMM Tools via Video Conference Lures
Threat Overview In a sophisticated phishing campaign that has been identified by Netskope Threat Labs and reported by AlienVault, threat actors are exploiting the ubiquity of video‑conference platforms such as Zoom, Microsoft Teams, and Google Meet
Continue Reading