February 11, 2026

Cyber Threat Brief for 2026-02-11

20 minutes

Show Notes - 2026-02-11

Stories Covered

Notepad++ Supply Chain Compromise by Lotus Blossom (State-Sponsored) [Critical Alerts]

Notepad Markdown RCE - CVE-2026-20841 (CVSS 8.8) [Critical Alerts]

Microsoft Outlook Add-in (AgreeTo) Hijacked - 4,000+ Credentials Stolen [Critical Alerts]

Chipmaker Patch Tuesday: 80+ Vulnerabilities from Intel and AMD [Vulnerability Disclosures]

Microsoft Secure Boot Certificate Refresh - June 2026 [Vulnerability Disclosures]

LummaStealer Resurges via CastleLoader and ClickFix Campaigns (Reported by 3 Sources) [Ransomware & Extortion]

Payroll Redirect Attacks via Help Desk Social Engineering [MSP / SMB Threats]

JokerOTP MFA Bypass Tool - Third Arrest [MSP / SMB Threats]

WSL Being Used as a Malware Attack Vector [Windows / AD Security]

Windows 11 26H1 Released (Snapdragon X2 Only), .NET 3.5 Removed [Windows / AD Security]

SSH Worm Compromises Systems in 4 Seconds [Windows / AD Security]

Kimwolf IoT Botnet Disrupts I2P Anonymity Network [General Security News]

287 Chrome Extensions Exfiltrating Browsing History (37M Installs) [General Security News]

SSHStalker Botnet Targets Linux via IRC C2 [General Security News]

Microsoft Warns of AI Recommendation Poisoning [General Security News]

CVEs Referenced

CVE-2026-20841

Indicators of Compromise

Domains:

vercel[.]app

Hashes:

f44c2169250f86c8b42ec74616eacb08310ccc81ca9612eb68d23dc8715d7370

Read the full brief

...more

View all episodes

By Carolina Clear Tech, LLC

February 11, 2026

Cyber Threat Brief for 2026-02-11

20 minutes

Show Notes - 2026-02-11

Stories Covered

Notepad++ Supply Chain Compromise by Lotus Blossom (State-Sponsored) [Critical Alerts]

Notepad Markdown RCE - CVE-2026-20841 (CVSS 8.8) [Critical Alerts]

Microsoft Outlook Add-in (AgreeTo) Hijacked - 4,000+ Credentials Stolen [Critical Alerts]

Chipmaker Patch Tuesday: 80+ Vulnerabilities from Intel and AMD [Vulnerability Disclosures]

Microsoft Secure Boot Certificate Refresh - June 2026 [Vulnerability Disclosures]

LummaStealer Resurges via CastleLoader and ClickFix Campaigns (Reported by 3 Sources) [Ransomware & Extortion]

Payroll Redirect Attacks via Help Desk Social Engineering [MSP / SMB Threats]

JokerOTP MFA Bypass Tool - Third Arrest [MSP / SMB Threats]

WSL Being Used as a Malware Attack Vector [Windows / AD Security]

Windows 11 26H1 Released (Snapdragon X2 Only), .NET 3.5 Removed [Windows / AD Security]

SSH Worm Compromises Systems in 4 Seconds [Windows / AD Security]

Kimwolf IoT Botnet Disrupts I2P Anonymity Network [General Security News]

287 Chrome Extensions Exfiltrating Browsing History (37M Installs) [General Security News]

SSHStalker Botnet Targets Linux via IRC C2 [General Security News]

Microsoft Warns of AI Recommendation Poisoning [General Security News]

CVEs Referenced

CVE-2026-20841

Indicators of Compromise

Domains:

vercel[.]app

Hashes:

f44c2169250f86c8b42ec74616eacb08310ccc81ca9612eb68d23dc8715d7370

Read the full brief

...more

Share Cyber Threat Brief for 2026-02-11

Sign up to save your podcasts

Cyber Threat Brief for 2026-02-11

Cyber Threat Brief for 2026-02-11