Another day, another malicious JPEG
https://isc.sans.edu/diary/Another%20day%2C%20another%20malicious%20JPEG/32738
Calibre Path Traversal Leading to Arbitrary File Write and Potentially Code Execution CVE-2026-26064 CVE-2026-26065
https://github.com/kovidgoyal/calibre/security/advisories/GHSA-72ch-3hqc-pgmp
https://github.com/kovidgoyal/calibre/security/advisories/GHSA-vmfh-7mr7-pp2w
CVE-2026-25755: PDF Object Injection in jsPDF (addJS Method)
https://github.com/ZeroXJacks/CVEs/blob/main/2026/CVE-2026-25755.md
Roundcube Webmail Exploited CVE-2025-49113 https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10
https://www.openwall.com/lists/oss-security/2025/06/02/3

Japanese-Language Phishing Emails
https://isc.sans.edu/diary/Japanese-Language%20Phishing%20Emails/32734
'God-Like' Attack Machines: AI Agents Ignore Security Policies
https://www.darkreading.com/application-security/ai-agents-ignore-security-policies
Starkiller: New Phishing Framework Proxies Real Login Pages to Bypass MFA
https://abnormal.ai/blog/starkiller-phishing-kit

Under the Hood of DynoWiper
https://isc.sans.edu/diary/Under%20the%20Hood%20of%20DynoWiper/32730
Vibe Password Generation: Predictable by Design
https://www.irregular.com/publications/vibe-password-generation
Vulnerabilities (CVE-2025-65715, CVE-2025-65716, CVE-2025-65717) in four popular IDE Extensions
https://www.ox.security/blog/four-vulnerabilities-expose-a-massive-security-blind-spot-in-ide-extensions/
Grandstream GXP1600 VoIP Phones
https://www.rapid7.com/blog/post/ve-cve-2026-2329-critical-unauthenticated-stack-buffer-overflow-in-grandstream-gxp1600-voip-phones-fixed/

Tracking Malware Campaigns With Reused Material
https://isc.sans.edu/diary/Tracking%20Malware%20Campaigns%20With%20Reused%20Material/32726
From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day
https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day
Windows Admin Center Elevation of Privilege Vulnerability CVE-2026-26119
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26119
DNS-PERSIST-01: A New Model for DNS-based Challenge Validation
https://letsencrypt.org/2026/02/18/dns-persist-01.html
Defending Web Apps
https://www.sans.org/cyber-security-courses/application-security-securing-web-apps-api-microservices

Fake Incident Report Used in Phishing Campaign
https://isc.sans.edu/diary/Fake%20Incident%20Report%20Used%20in%20Phishing%20Campaign/32722
Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets https://securelist.com/keenadu-android-backdoor/118913/
CVE-2026-25903: Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates https://seclists.org/oss-sec/2026/q1/166
The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time
https://unit42.paloaltonetworks.com/real-time-malicious-javascript-through-llms/
Encrypted RCS in iOS/iPadOS
https://developer.apple.com/documentation/ios-ipados-release-notes/ios-ipados-26_4-release-notes

2026 64-Bits Malware Trend
https://isc.sans.edu/diary/2026%2064-Bits%20Malware%20Trend/32718
A Comparative Security Analysis of Three Cloud-based Password Managers
https://zkae.io
Infostealer Infection Targeting OpenClaw Configurations
https://www.infostealers.com/article/hudson-rock-identifies-real-world-infostealer-infection-targeting-openclaw-configurations/

AI-Powered Knowledge Graph Generator & APTs
https://isc.sans.edu/diary/AI-Powered%20Knowledge%20Graph%20Generator%20%26%20APTs/32712
nslookup and ClickFix
https://x.com/MsftSecIntel/status/2022456612120629742
Google Chrome 0-Day Patch
https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html
TURN Security Threats
https://www.enablesecurity.com/blog/turn-server-security-threats/

Four Seconds to Botnet - Analyzing a Self-Propagating SSH Worm with Cryptographically Signed C2 [Guest Diary]
https://isc.sans.edu/diary/Four%20Seconds%20to%20Botnet%20-%20Analyzing%20a%20Self%20Propagating%20SSH%20Worm%20with%20Cryptographically%20Signed%20C2%20%5BGuest%20Diary%5D/32708
OpenSSH Update on MacOS
https://www.openssh.org/releasenotes.html
Employee Monitoring and SimpleHelp Software Abused in Ransomware Operations
https://www.huntress.com/blog/employee-monitoring-simplehelp-abused-in-ransomware-operations

WSL in the Malware Ecosystem https://isc.sans.edu/diary/32704
Apple Patches Everything: February 2026
https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20February%202026/32706
Adobe Updates
https://helpx.adobe.com/security/security-bulletin.html

Microsoft Patch Tuesday - February 2026
https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20-%20February%202026/32700
Refreshing the root of trust
https://blogs.windows.com/windowsexperience/2026/02/10/refreshing-the-root-of-trust-industry-collaboration-on-secure-boot-certificate-updates/
Fake 7-Zip downloads are turning home PCs into proxy nodes
https://www.malwarebytes.com/blog/threat-intel/2026/02/fake-7-zip-downloads-are-turning-home-pcs-into-proxy-nodes
FortiNet Vulnerabilities
https://fortiguard.fortinet.com/psirt/FG-IR-25-093 https://fortiguard.fortinet.com/psirt/FG-IR-25-1052