Microsoft Rushes to Patch Six Zero-Days as CISA Warns of Actively Exploited Flaws in SolarWinds and BeyondTrust

Publication Date: February 11, 2026

Summary

This edition covers a critical Microsoft Patch Tuesday on February 11, 2026, which addressed 58 vulnerabilities, including six actively exploited zero-days impacting Windows Shell, Office, and Remote Desktop Services. CISA has also been active, adding a critical SolarWinds flaw to its KEV catalog and issuing new guidance on the BRICKSTORM malware used by Chinese state-sponsored actors. Other major incidents include a critical BeyondTrust vulnerability being used in ransomware attacks, a large-scale data breach at Dutch telecom Odido, and new reports on sophisticated tax-themed phishing campaigns and the evolution of AI-targeted attacks.

Today's New Articles

Microsoft Scrambles to Fix Six Actively Exploited Zero-Days in February 2026 Patch Tuesday

Microsoft's February 2026 Patch Tuesday release is a critical one, addressing 58 vulnerabilities across its product ecosystem. Most alarmingly, the update includes patches for six zero-day vulnerabilities that were already being actively exploited by attackers...


CISA, NSA, and Canada Warn of New BRICKSTORM Malware Variant Used by Chinese Hackers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and the Canadian Centre for Cyber Security (Cyber Centre) have jointly released an updated Malware Analysis Report (MAR) for the BRICKSTORM backdoor. This new adv...


Tax Season Phishing Frenzy: Microsoft Details Campaigns Abusing ScreenConnect and QR Codes

Microsoft has uncovered several large-scale, sophisticated phishing campaigns exploiting the U.S. tax season. In a report on February 10, 2026, the company detailed one massive campaign targeting over 29,000 users that aimed to install the legitimate remote ac...


Healthcare Provider's Ransomware Attack Traced to Compromised SonicWall Cloud Backups

Marquis Health Services, a major provider of skilled nursing care, has reported a disruptive ransomware attack that it attributes to a compromise of its SonicWall cloud backup systems. The incident, reported on February 10, 2026, allowed attackers to encrypt c...


Dutch Telecom Odido Suffers Massive Data Breach; 6 Million Customers Potentially Exposed

Dutch telecommunications provider Odido announced a major data breach on February 11, 2026, after a third-party supplier's system was compromised. The incident may have exposed the personal information of as many as six million customers. The compromised data...


Boggy Serpens (MuddyWater) APT Targets UAE Energy Firm in Sustained Espionage Campaign

Researchers from Palo Alto Networks' Unit 42 have detailed a long-running cyber-espionage campaign targeting a national marine and energy company in the United Arab Emirates. The campaign, attributed to the APT group Boggy Serpens (also known as MuddyWater), w...


Undetected Go-Based Malware Emerge: GREENBLOOD Ransomware and Moonrise RAT

Security researchers have identified two new and dangerous malware families written in the Go programming language. The discoveries, reported on February 11, 2026, include a ransomware variant named GREENBLOOD and a remote access trojan (RAT) called Moonrise R...


EU Greenlights Google's $32 Billion Acquisition of Cybersecurity Firm Wiz

The European Commission has granted unconditional antitrust approval for Google's proposed $32 billion acquisition of cybersecurity firm Wiz. The decision, announced on February 10, 2026, allows Google to move forward with its largest-ever deal, significantly...


Critical BeyondTrust Flaw Actively Exploited in Ransomware Attacks

A critical vulnerability in BeyondTrust's remote access solutions is being actively exploited by threat actors, with security firm Darktrace reporting anomalous activity linked to the flaw starting on February 10, 2026. Attackers are leveraging the vulnerabili...


Supply Chain Attacks Now a Dominant 'Ecosystem' of Crime, Warns Group-IB

A new report from cybersecurity firm Group-IB warns that supply chain attacks have evolved from being a specific attack type into a dominant 'ecosystem' of interconnected criminal activity. The 'High-Tech Crime Trends Report,' released on February 11, 2026, st...

Article Updates

Hackers Expand Attacks on ICS/OT and Enterprise AI Systems

Update: A new report from HiddenLayer (Feb 11, 2026) reveals 'tool chain escalation' as the leading attack against AI agents, accounting for 11.7% of malicious activity. This advanced technique involves attackers using benign tools to map an agent's capabilities, then...


CISA Adds Actively Exploited SolarWinds RCE Flaw to KEV Catalog

Update: New intelligence indicates that threat actors exploiting the SolarWinds Web Help Desk RCE vulnerability are deploying the legitimate forensic tool Velociraptor for post-exploitation activities. This includes using it for discovery (T1082), lateral movement (T1...