Russian APT Exploits Patched Office Flaw in Days; Chinese Spies Hijack Notepad++ Updates
Summary
The cybersecurity landscape on February 4th, 2026, is dominated by sophisticated state-sponsored attacks. The Russian APT28 group was caught weaponizing a freshly patched Microsoft Office zero-day vulnerability (CVE-2026-21509) within days, targeting European entities. In a separate, long-running campaign, a Chinese APT compromised the Notepad++ update mechanism in a six-month supply chain attack. Other major incidents include the resurfacing of a massive AT&T customer dataset with 176 million records, a widespread DDoS campaign by pro-Russian hacktivists, and critical vulnerability disclosures for Django and Ingress-NGINX.
Today's New Articles
CISA Criticized for Silently Updating KEV Catalog with Ransomware Data
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is facing criticism for its practice of silently updating its Known Exploited Vulnerability (KEV) catalog. In 2025, the agency updated 59 entries to indicate that the flaws were being used in ran...
Massive AT&T Customer Dataset with 148M SSNs Resurfaces in Criminal Circles
A massive and highly sensitive dataset allegedly containing the personal information of AT&T customers has resurfaced and is being circulated in criminal forums. The data trove reportedly includes approximately 176 million records, featuring over 133 million f...
LinkedIn Phishing Campaign Targets Executives Using Legitimate Pen-Testing Tools
A new phishing campaign discovered by ReliaQuest is abusing LinkedIn's private messaging feature to target executives and IT professionals. The attackers use social engineering to trick victims into downloading and running a malicious archive file. The attack'...
Fake LINE Messenger Installer Spreads ValleyRAT Malware
A malware campaign attributed to the Silver Fox APT group is distributing the ValleyRAT remote access trojan by disguising it as an installer for the popular LINE messaging app. The campaign, which primarily targets Chinese-speaking users, uses the trojanized...
Critical Flaws in Django Framework Expose Sites to DoS and SQL Injection
The maintainers of the Django web framework have released important security updates to address critical vulnerabilities. The flaws could allow remote attackers to conduct Denial-of-Service (DoS) and potential SQL injection attacks against web applications bui...
Critical RCE Flaw in Ingress-NGINX Threatens Kubernetes Clusters
A critical vulnerability has been discovered in the widely used Ingress-NGINX controller for Kubernetes. The flaw could allow a remote attacker to achieve arbitrary code execution within the context of the ingress controller. A successful exploit could lead to...
Samsung's February 2026 Update Fixes 37 Flaws in Galaxy Devices
Samsung has released its February 2026 security update for its Galaxy smartphones, tablets, and foldable devices. The update addresses a total of 37 vulnerabilities. This includes 25 patches from Google for the core Android OS and 12 Samsung-specific patches (...
Google Patches Multiple Vulnerabilities in February 2026 Pixel Update
Google has released its monthly security update for all supported Pixel devices as part of its February 2026 patch cycle. The update addresses numerous security vulnerabilities detailed in the Android and Pixel-specific security bulletins. Installing the updat...
UK Law Criminalizing AI-Generated Deepfake Intimate Images Takes Effect
A new law in the United Kingdom is set to come into force on February 6, 2026, making it a criminal offense to create or share AI-generated 'deepfake' intimate images of an adult without their consent. The law, part of the Data (Use and Access) Act 2025, amend...