Cyber Threat Brief

Cyber Threat Brief for 2026-02-09

Listen Later
Show Notes - 2026-02-09
Stories Covered
  • SolarWinds Web Help Desk: Multiple Critical RCEs Actively Exploited (CISA KEV) [Critical Alerts]
  • Ivanti EPMM Zero-Days: 86+ Confirmed Compromises, Dutch Government Breached [Critical Alerts]
  • SmarterMail Auth Bypass and RCE Exploited by Warlock Ransomware (Storm-2603) [Vulnerability Disclosures]
  • CISA KEV: Sangoma FreePBX and GitLab Flaws Added [Vulnerability Disclosures]
  • React Server Components RCE Under Active Exploitation (React2Shell) [Vulnerability Disclosures]
  • Black Basta Embeds BYOVD Directly in Ransomware Payload [Ransomware & Extortion]
  • Obscura: New Ransomware Variant Found on Domain Controller [Ransomware & Extortion]
  • Ransomware Groups Pivoting Back to Encryption as Data Theft ROI Drops [Ransomware & Extortion]
  • SLSH Extortion Crew Uses Swatting and Personal Harassment [Ransomware & Extortion]
  • SonicWall VPN Exploitation Continues, Linked to Akira Ransomware [MSP / SMB Threats]
  • Romania Oil Pipeline Operator Hit by Qilin Ransomware [MSP / SMB Threats]
  • DEAD#VAX Campaign Delivers AsyncRAT via IPFS-Hosted VHD Files [General Security News]
  • CrashFix: New ClickFix Variant Crashes Browsers to Deploy Python RAT [General Security News]
  • LLMs Now Finding Zero-Days in Well-Tested Codebases [General Security News]
    • CVEs Referenced

    CVE-2019-19006, CVE-2021-39935, CVE-2024-40766, CVE-2025-40536, CVE-2025-40537, CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554, CVE-2025-64328, CVE-2026-1281, CVE-2026-1340, CVE-2026-23760, CVE-2026-24423

    Read the full brief

    ...more
    View all episodesView all episodes
    Download on the App Store
    Cyber Threat BriefBy Carolina Clear Tech, LLC