Cyber Threat Brief

By Carolina Clear Tech, LLC

Your daily cybersecurity briefing. Vulnerabilities, ransomware, threat actors, and patches that matter, explained for IT professionals and business leaders protecting small and mid-sized organizations... more

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Cyber Threat Brief:

How many episodes does Cyber Threat Brief have?

The podcast currently has 74 episodes available.

Cyber Threat Brief episodes:

February 23, 20262026-02-23: Dell RecoverPoint zero-day exploited since mid-2024 gets CVSS 10.0 and active Chinese APT targeting
Show Notes - 2026-02-23
Stories Covered
Today:
Dell RecoverPoint for VMs Zero-Day (CVE-2026-22769) [Critical Alerts]
Ivanti EPMM Zero-Days Under Active Exploitation (CVE-2026-1281, CVE-2026-1340) [Critical Alerts]
Veeam Exploited in Russian Credential Abuse Campaign (CVE-2023-27532, CVE-2024-40711) [Critical Alerts]
AI Assistants Abused as C2 Proxies [Critical Alerts]
Grandstream GXP1600 VoIP Phone RCE (CVE-2026-2329) [Vulnerability Disclosures]
Microsoft 365 Copilot DLP Bypass [Vulnerability Disclosures]
RoundCube Webmail XSS Vulnerability Exploited [Vulnerability Disclosures]
University of Mississippi Medical Center Ransomware Attack [Ransomware & Extortion]
Advantest Corporation Ransomware Incident [Ransomware & Extortion]
0APT Ransomware-as-a-Service Operation [Ransomware & Extortion]
France National Bank Account Registry Breach [Business & Infrastructure Threats]
Ukraine National Bank Supply-Chain Incident [Business & Infrastructure Threats]
npm Supply-Chain Worm Targets AI Coding Assistants [Business & Infrastructure Threats]
PayPal Data Breach Leads to Fraudulent Transactions [Business & Infrastructure Threats]
AI Quadruples Data Exfiltration Speed [Business & Infrastructure Threats]
Arkanix Stealer: AI-Assisted Malware Experiment [General Security News]
MuddyWater Targets MENA with New Malware [General Security News]
CVEs Referenced
CVE-2023-27532, CVE-2024-40711, CVE-2026-1281, CVE-2026-1340, CVE-2026-22769, CVE-2026-2329
Indicators of Compromise
IP Addresses:
6.0.3.1, 1.0.7.81
Read the full brief
...more
16min
February 22, 20262026-02-22: A sophisticated phishing-as-a-service platform bypasses MFA by proxying live authentication sessions
Show Notes - 2026-02-22
Stories Covered
Today:
AI-Assisted Campaign Targets 600+ FortiGate Devices [Critical Alerts]
'Starkiller' Phishing-as-a-Service Defeats MFA Through Real-Time Proxying [Business & Infrastructure Threats]
Predator Spyware Hooks iOS SpringBoard to Suppress Recording Indicators [General Security News]
UK Council Exposes Personal Details of Trans Complaint Submitters [General Security News]
Indicators of Compromise
IP Addresses:
212.11.64.250
Read the full brief
...more
9min
February 21, 20262026-02-21: CISA adds two actively exploited Roundcube webmail flaws to KEV catalog with March 13 remediation
Show Notes - 2026-02-21
Stories Covered
Today:
CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog (CVE-2025-49113, CVE-2025-68461) [Critical Alerts]
PHP CGI Parameter Injection Bypass (CVE-2024-8926) [Vulnerability Disclosures]
Linux Kernel SMB/CIFS Vulnerabilities [Vulnerability Disclosures]
TLS and Certificate Validation Vulnerabilities [Vulnerability Disclosures]
Privilege Escalation and Memory Corruption Flaws [Vulnerability Disclosures]
Denial of Service Vulnerabilities [Vulnerability Disclosures]
Additional Linux Kernel Vulnerabilities [Vulnerability Disclosures]
Historic TLS/Crypto Library Vulnerabilities [Vulnerability Disclosures]
Perl Cryptography Module Vulnerability (CVE-2025-15444) [Vulnerability Disclosures]
CVEs Referenced
CVE-2020-36426, CVE-2021-24119, CVE-2022-27781, CVE-2022-27782, CVE-2024-11738, CVE-2024-4577, CVE-2024-46686, CVE-2024-46742, CVE-2024-46795, CVE-2024-46796, CVE-2024-47191, CVE-2024-53186, CVE-2024-55549, CVE-2024-8926, CVE-2024-9632, CVE-2025-13034, CVE-2025-14017, CVE-2025-14819, CVE-2025-15444, CVE-2025-49113, CVE-2025-58436, CVE-2025-61727, CVE-2025-61729, CVE-2025-66382, CVE-2025-68461, CVE-2025-68753, CVE-2025-68755, CVE-2025-68758, CVE-2025-68763, CVE-2025-68766, CVE-2025-68771, CVE-2025-68781, CVE-2025-68786, CVE-2025-68808, CVE-2025-68817, CVE-2025-68823, CVE-2025-71066, CVE-2025-71109, CVE-2025-71114, CVE-2025-71133, CVE-2025-71143, CVE-2026-21860
Read the full brief
...more
13min
February 20, 20262026-02-20: Chinese state-linked threat cluster UNC6201 has exploited a maximum-severity hardcoded credential
Show Notes - 2026-02-20
Stories Covered
Today:
CISA 3-Day Deadline: Dell RecoverPoint Hardcoded Credential Flaw (CVE-2026-22769) [Critical Alerts]
BeyondTrust CVE-2026-1731 Now Confirmed in Ransomware Campaigns (CVSS 9.9) [Critical Alerts]
RoundCube Webmail: Two Actively Exploited Flaws Added to CISA KEV [Critical Alerts]
Windows Admin Center Privilege Escalation - Potential Domain Compromise (CVE-2026-26119, CVSS 8.8) [Vulnerability Disclosures]
Ivanti Exploitation Surges - Zero-Days Traced to July 2025 [Vulnerability Disclosures]
PUSR USR-W610 Industrial Router: Four Vulns, EOL, No Patch Coming [Vulnerability Disclosures]
EnOcean SmartServer IoT: Remote Code Execution via Crafted Messages (CVE-2026-20761) [Vulnerability Disclosures]
UMMC Ransomware: All Mississippi Clinics Closed, Epic EMR Offline [Ransomware & Extortion]
Advantest Ransomware Attack - $120B Semiconductor Test Equipment Maker [Ransomware & Extortion]
LockBit 5.0 Cross-Platform Build Explicitly Targets Proxmox [Ransomware & Extortion]
ClickFix + Matanbuchus 3.0 + AstarionRAT: Domain Controllers Compromised in Minutes [Ransomware & Extortion]
TrustConnect: Fully Fake RMM Vendor Selling a RAT for $300/Month [Business & Infrastructure Threats]
Cline CLI 2.3.0 Supply Chain Attack - OpenClaw Installed on ~4,000 Developer Systems [Business & Infrastructure Threats]
Identity Posture Gaps: What Cyber Insurers and Threat Actors Both Audit [Windows / AD Security]
Microsoft Guidance: Self-Hosted AI Agents Require Full Isolation [General Security News]
CVEs Referenced
CVE-2024-12356, CVE-2025-49113, CVE-2025-68461, CVE-2026-1731, CVE-2026-20761, CVE-2026-22769, CVE-2026-22885, CVE-2026-24455, CVE-2026-25715, CVE-2026-26048, CVE-2026-26049, CVE-2026-26119
Indicators of Compromise
Domains:
178[.]128, 69[.]245, trustconnectsoftware[.]com
Read the full brief
...more
20min
February 19, 20262026-02-19: A new RAT-as-a-service called TrustConnect is masquerading as a legitimate RMM tool
Show Notes - 2026-02-19
Stories Covered
Today:
TrustConnect: RAT Disguised as a Legitimate RMM Tool [Critical Alerts]
Critical Grandstream VoIP Bug (CVE-2026-2329) Enables Unauthenticated Root Access [Vulnerability Disclosures]
Adidas Third-Party Breach: Lapsus$ Collaboration Claims 815,000 Records [Ransomware & Extortion]
Massiv Android Banking Trojan Distributed via Fake IPTV Apps [Business & Infrastructure Threats]
CrowdStrike Insider Threat Analytics: New Dashboard Capabilities [Business & Infrastructure Threats]
Deutsche Bahn DDoS Attack Disrupts Rail Systems [Business & Infrastructure Threats]
CRESCENTHARVEST Campaign Uses DLL Sideloading and Chrome Key Theft [Business & Infrastructure Threats]
Nigerian Cybercriminal Sentenced for Tax Fraud via RAT-Delivered Phishing [Business & Infrastructure Threats]
Poland Bans Chinese-Made Cars from Military Bases Over Surveillance Risks [General Security News]
Gemini Chatbot Abused in Fake "Google Coin" Crypto Scam [General Security News]
OpenClaw Ongoing Security Issues; SecureClaw Open Source Tool Debuts [General Security News]
CVEs Referenced
CVE-2026-2329
Indicators of Compromise
Domains:
trustconnectsoftware[.]com
Read the full brief
...more
12min
February 18, 20262026-02-18: CISA added four CVEs to its KEV catalog today with a March 10 deadline
Show Notes - 2026-02-18
Stories Covered
Today:
CISA KEV Update: Four CVEs Added, March 10 Deadline (CVE-2026-2441, CVE-2020-7796, CVE-2008-0015, CVE-2024-7694) [Critical Alerts]
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited by China-Nexus UNC6201 Since Mid-2024 [Critical Alerts]
AI-Discovered OpenSSL Zero-Days: 12 New CVEs Including CVSS 9.8 CMS Parsing Flaw (CVE-2025-15467) [Vulnerability Disclosures]
Redis Lua RCE (CVE-2024-46981, EPSS 76%) [Vulnerability Disclosures]
Glibc ld.so Privilege Escalation (CVE-2023-4911, CISA KEV) [Vulnerability Disclosures]
Azure IoT Platform Device SDK RCE (CVE-2024-21646, EPSS 85th percentile) [Vulnerability Disclosures]
Python setuptools RCE via VCS URLs (CVE-2024-6345, EPSS 89th percentile) [Vulnerability Disclosures]
Trend: Legacy CVEs Still Actively Exploited [General Security News]
AI Vulnerability Research: Scale and Speed Are Changing the Threat Landscape [General Security News]
CVEs Referenced
CVE-2008-0015, CVE-2020-7796, CVE-2023-4911, CVE-2024-21646, CVE-2024-46981, CVE-2024-6345, CVE-2024-7694, CVE-2025-15467, CVE-2026-22769, CVE-2026-2441
Indicators of Compromise
IP Addresses:
6.0.3.1
Read the full brief
...more
12min
February 17, 20262026-02-17: Microsoft patched CVE-2026-26119, an elevation of privilege flaw in Windows Admin Center caused by
Show Notes - 2026-02-17
Stories Covered
Today:
Windows Admin Center Elevation of Privilege (CVE-2026-26119) [Vulnerability Disclosures]
Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta [Vulnerability Disclosures]
Supply Chain Attack Embeds Keenadu Malware in Android Device Firmware [Business & Infrastructure Threats]
ClickFix Attacks Abuse DNS Lookup Commands to Deliver ModeloRAT [Business & Infrastructure Threats]
Ireland Opens GDPR Investigation into X's Grok AI [General Security News]
CVEs Referenced
CVE-2026-26119
Read the full brief
...more
6min
February 16, 20262026-02-16: Google patched Chrome's first zero-day of 2026 (CVE-2026-2441)
Show Notes - 2026-02-16
Stories Covered
Today:
Google Chrome Zero-Day Actively Exploited (CVE-2026-2441) [Critical Alerts]
Windows 11 KB5077181 Fixes Boot Failures from Failed Update Rollbacks [Vulnerability Disclosures]
Password Managers Fail Zero-Knowledge Encryption Promises Under Server Compromise [Vulnerability Disclosures]
BridgePay Ransomware Attack Disrupts Government Payment Services Nationwide [Ransomware & Extortion]
Fake Ransomware Group 0APT Exposed as Complete Fabrication [Ransomware & Extortion]
ShinyHunters Leaks 600K Canada Goose Customer Records [Ransomware & Extortion]
LVMH Brands Fined $25M in South Korea After Scattered Spider/LAPSUS$ Breaches [Ransomware & Extortion]
ClickFix Attack Now Uses DNS Queries for Payload Delivery [Business & Infrastructure Threats]
260K+ Chrome Users Hit by Fake AI Browser Extensions [Business & Infrastructure Threats]
Open Source Registries Financially Unable to Implement Basic Security [Business & Infrastructure Threats]
Former L3Harris Executive Sold Eight Zero-Day Exploit Kits to Russia [Business & Infrastructure Threats]
ZeroDayRAT Mobile Spyware Platform Sold on Telegram [General Security News]
64-Bit Malware Approaching 50-50 Parity with 32-Bit [General Security News]
Promptware Kill Chain Framework Proposed for LLM Attacks [General Security News]
Android 17 Beta Strengthens Secure-by-Default Privacy and App Security [General Security News]
CVEs Referenced
CVE-2026-2441
Indicators of Compromise
Domains:
84[.]21.189
Read the full brief
...more
17min
February 14, 2026Cyber Threat Brief for 2026-02-14
Show Notes - 2026-02-14
Stories Covered
BeyondTrust Remote Support/PRA OS Command Injection Added to CISA KEV (CVE-2026-1731) [Critical Alerts]
CVEs Referenced
CVE-2026-1731
Read the full brief
...more
2min
February 13, 2026 Cyber Threat Brief for 2026-02-13
Show Notes - 2026-02-13
CVEs Referenced
CVE-2024-43468, CVE-2025-0836, CVE-2025-15556, CVE-2025-40536, CVE-2025-40587, CVE-2025-40936, CVE-2025-7740, CVE-2025-9491, CVE-2026-1358, CVE-2026-1731, CVE-2026-20700, CVE-2026-22923, CVE-2026-25655, CVE-2026-25656
Indicators of Compromise
Domains:
tapnetic[.]pro.
Read the full brief
...more
17min

FAQs about Cyber Threat Brief:

How many episodes does Cyber Threat Brief have?

The podcast currently has 74 episodes available.