CISA Mandates Edge Device Purge Amid Wave of Zero-Day Exploits and Sophisticated Supply Chain Attacks
Summary
This cybersecurity brief for February 9, 2026, covers a critical period marked by aggressive state-sponsored attacks and widespread vulnerabilities. Key developments include a CISA directive forcing federal agencies to remove unsupported edge devices, the rapid exploitation of a Microsoft Office zero-day by Russia's APT28, and a sophisticated supply chain attack on Notepad++ attributed to a Chinese APT. Further incidents include a crippling ransomware attack on the BridgePay payment gateway and the discovery of critical zero-days in Ivanti and BeyondTrust products, highlighting urgent risks across government, finance, and technology sectors.
Today's New Articles
New '0APT' Extortion Group Fakes Data Breach in Bluff Attack on Australian Hospital
A new extortion group calling itself '0APT' has targeted Australia's Epworth HealthCare, claiming to have stolen 920GB of sensitive patient and financial data. The group listed the hospital on its darknet leak site on February 4, 2026, threatening to publish t...
KillSec Ransomware Group Claims Attack on Nigerian Tech Startup Getly
The ransomware group known as KillSec has claimed responsibility for a cyberattack on Getly, a Nigerian technology startup. On February 9, 2026, the group posted the claim on its platform, stating it had breached the company and exfiltrated sensitive data. Kil...
Australia Post Phishing Scam Harvests Credit Card and OTP Data
A widespread phishing campaign is actively targeting Australians by impersonating Australia Post. Cybersecurity firm MailGuard intercepted the scam on February 9, 2026, which uses emails with the subject line "Parcel Awaiting Instructions." The emails claim a...
AI Supply Chain Attack: Hundreds of Malicious 'Skills' on ClawHub Marketplace Steal Credentials
A significant software supply chain attack is targeting users of the OpenClaw AI assistant through its community marketplace, ClawHub. Security researchers have discovered hundreds of malicious 'skills'—add-ons that extend the AI's functionality—that have been...
'Bloody Wolf' APT Deploys NetSupport RAT in Espionage Campaign
Security researchers have uncovered an active spear-phishing campaign attributed to the threat actor 'Bloody Wolf' (also tracked as Stan Ghouls). The campaign targets organizations primarily in Uzbekistan and Russia, with a focus on manufacturing, finance, and...
China-Linked UNC3886 Hits All Major Singapore Telcos in Coordinated Zero-Day Attack
Singaporean authorities have revealed that all four of the nation's major telecommunication providers were targeted in a sophisticated and coordinated cyber espionage campaign. The attack is attributed to UNC3886, a Chinese-linked advanced persistent threat (A...
BeyondTrust Patches Critical 9.9 CVSS RCE Zero-Day in Remote Access Tools
BeyondTrust has patched a critical zero-day vulnerability, CVE-2026-1731, affecting its self-hosted Remote Support (RS) and Privileged Remote Access (PRA) products. The flaw is a pre-authentication remote code execution (RCE) vulnerability with a CVSS score of...
Article Updates
CRITICAL: Ivanti Patches Two Actively Exploited RCE Zero-Days in EPMM
Update: The European Commission is investigating a cyberattack on its MDM system, suspected to be linked to the Ivanti EPMM zero-days (CVE-2026-1281, CVE-2026-1340). The Dutch Authority for the Protection of Personal Data and a Finnish government agency (Valtori) have...