Daily Brief

Group-IB's latest report reveals that cybercriminals are leveraging supply chain attacks to create a self-reinforcing cybercrime ecosystem, linking breaches, credential theft, and ransomware. Recent incidents like the Shai-Hulud NPM worm and Salesloft breach illustrate how attackers exploit vendor access to compromise downstream customers. Open source package compromises are facilitating malware distribution and credential theft, while phishing and OAuth abuse are enabling identity compromise in SaaS environments. Ransomware and extortion are increasingly used at later stages, capitalizing on access and intelligence gathered through earlier breaches. AI-assisted tools are expected to accelerate supply chain attacks by rapidly identifying vulnerabilities across vendors and CI/CD pipelines. Criminals are shifting from traditional malware to identity attacks, blending malicious activity into normal business operations to evade detection. Organizations are urged to enhance security by treating third-party vendors as extensions of their own attack surface, investing in threat modeling and data flow visibility.

Microsoft has addressed a command injection vulnerability in Notepad (CVE-2026-20841) with a CVSS score of 8.8, which could enable remote code execution. The flaw allows attackers to execute code over a network by tricking users into clicking malicious links within Markdown files opened in Notepad. Exploitation grants attackers the same permissions as the user, potentially compromising sensitive data and system integrity. Microsoft released the fix as part of its monthly Patch Tuesday updates, enhancing Notepad's security on Windows 11. Organizations are advised to apply the latest patches promptly to mitigate potential exploitation risks. This incident underscores the importance of maintaining up-to-date software and conducting regular security assessments to identify and address vulnerabilities.

A 2026 study of 128 enterprise security leaders reveals a significant gap in adopting Continuous Threat Exposure Management (CTEM), with only 16% implementing this advanced framework. Organizations utilizing CTEM report 50% better attack surface visibility and a 23-point higher solution adoption rate, enhancing their overall threat awareness. Despite 87% of security leaders recognizing CTEM's importance, many struggle to implement it due to organizational inertia, competing priorities, and budget constraints. The complexity of managing attack surfaces is increasing, with traditional security methods failing to scale effectively as asset domains grow beyond 100. The report emphasizes that manual oversight and periodic controls are insufficient in high-complexity environments, urging a shift to CTEM-driven programs. Rising third-party incidents and increased breach costs, averaging $4.44M, highlight the urgency for robust attack surface management strategies. Security leaders face mounting pressure to adopt CTEM as boardroom discussions increasingly focus on managing complex and high-stakes cybersecurity challenges.

The UK Ministry of Defence is recruiting a senior digital leader to manage a £4.6 billion IT and AI strategy, offering a salary between £270,000 and £300,000. The role involves overseeing more than 3,000 specialist staff and creating a unified digital strategy to enhance national security capabilities. The appointed Director General will ensure the integration of a digital backbone connecting all military systems, leveraging AI for operational advantage. Candidates must be UK nationals with Developed Vetting clearance, working from Corsham or Westminster, with frequent international travel. Responsibilities include managing commercial relationships with IT vendors, notably a £240.6 million data analytics contract with US firm Palantir. The position aligns with other high-level government roles, reflecting the strategic importance of digital leadership in national defense. Applications for this pivotal role close on March 2, emphasizing the urgency of securing top-tier digital expertise for defense operations.

A critical security flaw in Ivanti Endpoint Manager Mobile (EPMM) has been exploited, with 83% of attempts traced to a single IP on bulletproof hosting by PROSPERO. GreyNoise identified 417 exploitation sessions from 8 IP addresses between February 1 and 9, 2026, with the majority originating from IP 193.24.123[.]42. The vulnerabilities, CVE-2026-1281 and CVE-2026-1340, allow unauthenticated remote code execution, impacting several European agencies, including the European Commission. The threat actor uses automated tools, rotating through over 300 user agent strings, and exploits multiple CVEs across different software simultaneously. PROSPERO's infrastructure is linked to Proton66, known for distributing malware like GootLoader and SpyNote, indicating a sophisticated threat landscape. The campaign focuses on identifying exploitable targets through DNS beacons without immediate payload deployment, suggesting initial access broker tactics. Ivanti advises users to apply patches, audit MDM infrastructure, monitor specific paths, and block PROSPERO's autonomous system to mitigate risks. Organizations should assume rapid exploitation of vulnerabilities and enhance monitoring of internet-facing infrastructure to prevent unauthorized access.

Google reports China's APT31 used its AI chatbot, Gemini, to analyze vulnerabilities and plan cyberattacks on US organizations, enhancing their offensive capabilities. APT31, also known as Violet Typhoon, has been sanctioned and criminally charged by the US for targeting critical infrastructure and high-value targets. The group employed Hexstrike, a red-teaming tool, to automate vulnerability analysis and penetration testing, blurring lines between security assessments and malicious operations. Google's response included disabling accounts linked to these activities, highlighting the challenges of AI misuse in cybersecurity. The use of AI in cyber operations accelerates the intrusion cycle and widens the patch gap, necessitating faster defensive measures. Model extraction attacks, or "distillation attacks," pose a threat to AI intellectual property, allowing adversaries to replicate technology at reduced costs. The report stresses the need for leveraging AI in defense to keep pace with evolving threats and minimize human intervention in response efforts.

Google reports that state-backed hackers from China, Iran, North Korea, and Russia are leveraging its Gemini AI for various stages of cyberattacks, including reconnaissance and data exfiltration. The Gemini AI model is being used by threat actors to enhance phishing lures, conduct vulnerability testing, and develop command-and-control capabilities, posing a significant threat to cybersecurity. Chinese actors have utilized Gemini to automate vulnerability analysis and test remote code execution techniques against U.S. targets, indicating advanced use of AI in cyber warfare. Iranian group APT42 employs Gemini for social engineering, rapidly developing malicious tools, and refining exploitation techniques, showcasing AI's role in accelerating cyber threat development. Cybercriminals are integrating AI into malware families like CoinBait and HonestCue, enhancing phishing kits and malware frameworks with AI-generated code, complicating detection and defense efforts. Google has taken action by disabling accounts and infrastructure linked to AI abuse, implementing defenses within Gemini to prevent further exploitation, and ensuring robust security measures are in place. The misuse of AI models, including attempts at model extraction and knowledge distillation, threatens intellectual property, undermines AI-as-a-service business models, and poses a scalable threat to cybersecurity.

Apple released updates for iOS, macOS, and other platforms to fix a zero-day flaw exploited in targeted cyber attacks. The vulnerability, CVE-2026-20700, involves memory corruption in Apple's Dynamic Link Editor, potentially enabling arbitrary code execution. Google’s Threat Analysis Group discovered the flaw, contributing to Apple's swift response in addressing the security issue. Apple also addressed CVE-2025-14174 and CVE-2025-43529, both previously exploited and patched in late 2025. CVE-2025-14174 involves out-of-bounds access in ANGLE's Metal renderer, while CVE-2025-43529 is a use-after-free flaw in WebKit. The updates cover a broad range of devices, including older versions, enhancing overall security across Apple's ecosystem. This marks Apple's first actively exploited zero-day patch in 2026, following nine similar vulnerabilities addressed in 2025.

Microsoft has identified a surge in "AI Recommendation Poisoning," where malicious actors manipulate AI models to produce biased content. This technique affects AI's ability to provide neutral advice. Over 50 unique prompts from 31 companies across 14 industries have been detected, indicating the widespread nature of this vulnerability. Attackers use hidden instructions in AI-related web links, making it easy to influence AI outputs without user awareness. This vulnerability is akin to SEO Poisoning but targets AI models, potentially affecting critical areas such as health, finance, and security. The manipulation is persistent and invisible, posing a significant risk as users may unknowingly trust compromised AI recommendations. Microsoft advises businesses to monitor AI-related links, review AI assistant memories, and regularly clear unfamiliar entries to mitigate risks. Corporate security teams are encouraged to scan for poisoning attempts in communication platforms to protect organizational integrity.

Apple addressed a zero-day vulnerability, CVE-2026-20700, affecting multiple operating systems, including iOS, iPadOS, macOS, tvOS, watchOS, and visionOS. The flaw allowed attackers with memory write capability to execute arbitrary code, posing significant risks to targeted individuals. Google's Threat Analysis Group identified the vulnerability, prompting Apple's swift release of security updates to mitigate potential exploitation. The vulnerability was part of a series of sophisticated attacks, also involving CVE-2025-14174 and CVE-2025-43529, previously patched in December. Users are strongly advised to update to iOS 18.7.5, iPadOS 18.7.5, macOS Tahoe 26.3, and other latest versions to secure their devices. This marks Apple's first zero-day fix of 2026, following seven similar vulnerabilities addressed in 2025, highlighting ongoing security challenges. The incident underscores the importance of timely software updates to protect against emerging threats in increasingly targeted cyber environments.

Microsoft addressed a critical remote code execution flaw in Windows 11 Notepad, identified as CVE-2026-20841, during the February 2026 Patch Tuesday updates. The vulnerability allowed attackers to execute code by tricking users into clicking malicious Markdown links, bypassing Windows security warnings. The flaw was discovered by Cristian Papa, Alasdair Gorniak, and Chen, and could be exploited via specially crafted Markdown files. Attackers could gain the same permissions as the user by executing malicious code through unverified protocols in Markdown mode. Microsoft has mitigated the issue by updating Notepad to display warnings for non-standard URI links, enhancing user security. Despite the patch, concerns remain about the potential for social engineering attacks, as users may still be tricked into clicking prompts. The automatic update of Notepad via the Microsoft Store ensures widespread deployment of the fix, minimizing the vulnerability's impact.

The AgreeTo add-in for Outlook was hijacked, leading to the theft of over 4,000 Microsoft account credentials, including sensitive financial information. Originally a legitimate scheduling tool, the add-in's URL was abandoned by its developer, allowing a threat actor to repurpose it for phishing. The attacker deployed a fake Microsoft sign-in page and exfiltration script, capturing credentials via a Telegram bot API. Microsoft removed the compromised add-in from its store after the breach was discovered by Koi Security researchers. This incident marks the first known case of a malicious Outlook add-in hosted on Microsoft's Marketplace, raising concerns about add-in verification processes. The attacker is linked to multiple phishing kits targeting various sectors, indicating a broader threat landscape. Users with the AgreeTo add-in are advised to uninstall it immediately and reset their passwords to mitigate potential risks. Microsoft has yet to comment on the situation, highlighting the need for enhanced security measures in app marketplaces.

A security researcher identified 287 Chrome extensions leaking browsing history data, affecting approximately 37.4 million installations, raising significant privacy concerns. The extensions collected data without clear user consent, often disguising their true purpose under vague privacy policies. The research revealed that over 30 companies, including Similarweb and ByteDance, were involved in collecting this sensitive information. An automated testing system using Docker and a MITM proxy was developed to detect these data leaks, highlighting the scale of the issue. Similarweb's financial filings indicate a dependency on data sourced from browser extensions, despite claiming anonymization efforts. Google's Chrome Web Store policy has loopholes that may allow data brokers to exploit user data, necessitating stricter enforcement and oversight. This incident underscores the need for increased user awareness and stronger regulatory measures to safeguard personal data against unauthorized collection.

Huntress researchers identified the Crazy ransomware gang using legitimate employee monitoring software and SimpleHelp remote support tools to gain persistence and evade detection in corporate networks. Attackers deployed Net Monitor for Employees Professional and SimpleHelp, leveraging normal administrative activities to blend in and maintain access to compromised systems. The gang used Windows Installer to deploy monitoring agents, allowing them to remotely control desktops, transfer files, and execute commands on victim systems. SimpleHelp was installed using PowerShell commands with filenames mimicking legitimate software, providing redundancy and persistent remote access. Attackers disabled Windows Defender and set up monitoring rules to alert on cryptocurrency wallet access, indicating preparation for ransomware deployment and potential cryptocurrency theft. Only one incident resulted in ransomware deployment, but overlapping filenames and infrastructure suggest a single operator behind multiple breaches. The use of legitimate tools to mimic normal network traffic is increasingly common, highlighting the need for vigilance against unauthorized installations. Organizations are advised to enforce multi-factor authentication on remote access services to prevent breaches via compromised SSL VPN credentials.

Dutch authorities have arrested a 21-year-old linked to the JokerOTP phishing tool, which intercepted one-time passwords for account hijacking, marking the third arrest in a three-year investigation. The JokerOTP operation, dismantled in April 2025, reportedly caused $10 million in financial losses through 28,000 attacks across 13 countries, targeting platforms like PayPal and Amazon. The suspect allegedly sold access to the phishing tool via Telegram, allowing cybercriminals to automate calls and capture sensitive data, including OTPs, PINs, and card details. JokerOTP facilitated automated calls posing as legitimate services, tricking users into revealing OTPs by creating a false sense of urgency during the authentication process. Authorities have identified numerous buyers of the JokerOTP service in the Netherlands, who are now subject to ongoing investigations and potential prosecution. Victims are encouraged to remain vigilant against such scams and check for data breaches that could increase their risk of being targeted, using resources like Have I Been Pwned. The case serves as a reminder of the sophistication of phishing schemes and the importance of user awareness and robust security measures in preventing unauthorized account access.