CISA Warns of Actively Exploited SmarterMail RCE Flaw; BridgePay Payment Gateway Crippled by Ransomware

Publication Date: February 8, 2026

Summary

A critical, actively exploited RCE vulnerability (CVE-2026-24423) in SmarterMail has been added to CISA's KEV catalog, fueling ransomware attacks. Concurrently, a major ransomware incident has crippled the BridgePay payment gateway, causing nationwide outages for merchants. Other significant developments in the past 24 hours include CISA mandating the removal of unsupported edge devices from federal networks, attribution of a Notepad++ supply chain attack to a Chinese APT, and the discovery of a new EDR-killing malware that abuses a decade-old driver.

Today New Articles

Nationwide Outage: BridgePay Payment Gateway Confirms Ransomware Attack Crippled Production Systems

U.S. payment gateway provider BridgePay Network Solutions has confirmed a ransomware attack was the cause of a massive service outage that began on February 6, 2026. The attack took down numerous production systems, including the BridgePay Gateway API, virtual...

EDR-Killer Malware Weaponizes Decade-Old EnCase Driver in BYOVD Attacks

Threat actors are using a new EDR-killing malware that leverages a 'Bring Your Own Vulnerable Driver' (BYOVD) technique to disable endpoint security products. Researchers at Huntress discovered the malware during an intrusion that began with compromised SonicW...

U.S. Finalizes Ban on Chinese and Russian Tech in Connected Vehicles, Forcing Massive Supply Chain Overhaul

The United States has finalized new regulations from the Commerce Department that will ban hardware and software from China and Russia in connected vehicles sold in the U.S. The rules are designed to mitigate national security risks, preventing foreign adversa...

European Commission Contains Cyberattack on its Mobile Device Management (MDM) System

The European Commission disclosed on February 5, 2026, that it had identified and contained a cyberattack against its central infrastructure for managing mobile devices. The attack, detected on January 30, was reportedly contained and the system cleaned within...

Malicious VS Code Extension 'ClawdBot Agent' Deployed ScreenConnect RAT via Marketplace

A malicious extension named 'ClawdBot Agent' was discovered in the official Visual Studio Code Marketplace, impersonating a popular AI coding assistant to trick developers. The trojanized extension was fully functional, helping it evade suspicion while its mal...

Article Updates

EU Proposes Revised Cybersecurity Act to Bolster Supply Chain Security & ENISA's Role

Update:The EU's proposed revised Cybersecurity Act (referred to as CSA2) and NIS2 Directive amendments are now seen within a global push for stricter cyber regulations. This includes Hong Kong's planned mandatory data breach reporting and new US rules for critical in...

CISA Adds Critical SmarterMail RCE Flaw to KEV Catalog Amid Active Ransomware Attacks

Update:Further analysis of the critical SmarterMail RCE (CVE-2026-24423) reveals a CVSS score of 9.3, underscoring its severe impact. The vulnerability, actively exploited by ransomware groups, affects an estimated 15 million users globally, often managed by MSPs and...