On 2026-02-13, AlienVault released a comprehensive threat report titled Multiple Threat Actors Rapidly Exploit React2Shell: A Case Study of Active Compromise. The document details how a newly disclosed vulnerability in React Server Components—named React2Shell—was turned into
Continue ReadingMonth: February 2026
BeyondTrust Remote Support Vulnerability Threatens Thousands Of Networks
Threat Overview On February 13, 2026, the security community was alerted to a critical vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) appliances. The flaw, identified as CVE-2026-1731, enables unauthenticated attackers to execute
Continue ReadingNation State Actors Exploit Notepad Supply Chain
Notepad++ is one of the most widely used source‑code editors in the world, with millions of installations across government, industry and academia. Its popularity makes it an attractive target for attackers seeking to compromise large numbers
Continue ReadingWindows Remote Desktop Services Zero Day Exploitation In Progress
Windows Remote Desktop Services (RDS) has become a high‑profile target for threat actors following the discovery of the critical zero‑day vulnerability CVE‑2026‑21533. The flaw allows an attacker with local access to elevate privileges to SYSTEM, effectively
Continue ReadingCentOS 9 Kernel Flaw Enables Root Access
Threat Overview A newly discovered kernel vulnerability in CentOS 9, disclosed by CODERED_VTA on 2026‑02‑06, presents a severe risk of local privilege escalation. The flaw resides within the Linux kernel’s networking subsystem, specifically the net‑sched cake
Continue ReadingGoldenEyeDog Corporate Attack Threat Report
In early February 2026, cybersecurity researchers released a comprehensive threat report detailing a sophisticated campaign attributed to the advanced persistent threat group APT‑Q‑27, popularly known as GoldenEyeDog. The report, published by CODERED_VTA, highlights the group’s relentless
Continue ReadingSonicWall Breach Enables Security Tool Destruction
Threat Overview In early February 2026 Huntress documented a sophisticated intrusion that began with compromised SonicWall SSLVPN credentials. An attacker used these credentials to gain initial access to a target network, then deployed a custom EDR
Continue ReadingChrysalis Backdoor Insights into Lotus Blossom Toolkit
Threat Overview On 2026-02-04, security analyst Tr1sa111 released a comprehensive threat report titled The Chrysalis Backdoor: A Deep Dive into Lotus Blossom's toolkit. With a confidence level of 100 and a reliability rating of C –
Continue ReadingCloud Storage Payment Scam Floods Inboxes With Fake Renewals
Threat Overview On 2026-02-02, the security community was alerted to a new phishing campaign that targets users of popular cloud storage services. The campaign masquerades as legitimate renewal notices, flooding inboxes with emails that appear to
Continue ReadingEnergy Sector Incident Report December 2025
Threat Overview On 29 December 2025 a coordinated wave of destructive cyber‑attacks struck the Polish energy sector, targeting over 30 wind and photovoltaic farms, a private manufacturing firm and a large combined heat and power (CHP)
Continue Reading