
Hello all,
This week was somewhat light, with almost no pants-on-fire alerts. There was one that needs quick attention, a Google Chrome zero-day that’s under active attack, and there were several CISA alerts that should be prioritized due to ongoing and accelerated threat actor activity.
Headline NEWS:
- Amazon Ring is under fire again this week when an internal email revealed that the conspiracy theorists were correct: Ring was looking at their Super Bowl-announced “Search Party” for lost dogs as a precursor to a broader initiative to help “zero out crime in neighborhoods”. The clear message is that they were going to use their massively interconnected network to search for and identify individuals. The privacy and personal liberty concerns with this approach have clearly rattled quite a few people, forcing Ring to stop the initiative and go on the defensive to deal with public backlash.
- A Google Chrome zero-day use-after-free defect in Cascading Style Sheets (CSS), a heap buffer overflow in PDFium (the default PDF rendering engine), an integer overflow in the V8 JavaScript engine, and a heap buffer overflow in the Media component were all recently patched by Google. Since some of these are already under active exploitation, it is vital that you update to the latest version of Google Chrome to plug these flaws as soon as is reasonable. Also expect that other Chromium-based browsers will quickly be releasing updates to address some of the same issues.
In Ransomware, Malware, and Vulnerabilities News:
- Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026. This prescient article details how the global cyber insurance market is waking up to the fact that criminals don’t break in any longer, they log in. Identity posture is now a major factor in underwriters’ decision-making processes and greatly influences rates and favorable coverage chances. The deeper down the secure identity hole your organization ventures, the more favorably you are viewed. Do you enforce and audit MFA, password complexity, passwordless, FIDO2 logins, and removal of legacy authentication protocols, and ensure best practices for account creation, privilege escalation, updates, and retirement? And what about AI agent identities? If you don’t have a GRC (Governance, Regulation, and Compliance) initiative around identity underway yet, the time to start thinking about one is now, not when you are attempting to obtain cyber insurance renewals or coverage.
In Other News Events of Note and Interest:
- Backblaze Drive Stats 2025. In addition to being an excellent storage and backup vendor, Backblaze puts out annual reports of how the thousands of mechanical spinning drives and solid-state drives used throughout their data centers fared in the prior 12 months. The results are eagerly anticipated because they inform consumers which drive vendors and models have the best and worst reliability. In this thirteenth year of publication, they continue their venerable tradition of graciously sharing their results. If you’re shopping for storage, make sure you check the report.
Musings
I remember watching the movie I, Robot starring Will Smith when it came out. The robot Sonny was so fantastic in how fluid his motion, responses, and ability to communicate were that, while it was incredibly well done, I knew that nothing like that could possibly exist. Fast forward 22 years. China’s Unitree Robotics just stunned the world with their robotics extravaganza showcase in Beijing at the Lunar New Year festival. And not just Unitree: Magiclab, Galbot, and Noetix, all Chinese robotics companies, had incredible robotic products, from humanoids to dogs and more, represented. It looks as if Sonny is now significantly closer to reality. Fluid motion that exceeds human capability is now here. The next step, which we appear to be speeding pell-mell towards, is having true artificial intelligence embedded in the robot. What will that future look like? I’m not sure, but it is increasingly looking like I, Robot may have been eerily prophetic.

Keep the shields up!
Viscount Jan Broucinek
Red Dot Security News
Headline NEWS
- Leaked email proves Amazon Ring intended to use surveillance feature for people
- New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released
- Google Issues Emergency Chrome Security Update to Address High-Severity PDFium and V8 Flaws
Ransomware, Malware, and Vulnerabilities News
- Good News, Government News, and Interesting
- CISA gives feds 3 days to patch actively exploited BeyondTrust flaw
- CISA: BeyondTrust RCE flaw now exploited in ransomware attacks
- CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update
- CISA Warns of Google Chromium 0-Day Vulnerability Actively Exploited in Attacks
- CISA orders feds to patch actively exploited Dell flaw within 3 days
- CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog
- UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day
- Notepad++ boosts update security with ‘double-lock’ mechanism
- Dutch cops arrest man after sending him confidential files
- INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown
- A Defector Explains the Remote-Work Scam Helping North Korea Pay for Nukes
- China-linked crew embedded in US energy networks
- Polish authorities arrest alleged Phobos ransomware affiliate
- Vulnerabilities and Exploits
- Critical Ivanti EPMM Zero-Day Vulnerabilities Exploited in The Wild Targeting Corporate Networks
- Hackers Leveraging Multiple AI Services to Compromise 600+ FortiGate Devices
- Predator spyware hooks iOS SpringBoard to hide mic, camera activity
- Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging
- Microsoft alerts on DNS-based ClickFix variant delivering malware via nslookup
- Single-Character Typo of “&” Instead of “|” Leads to 0-Day RCE in Firefox
- Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data
- Researcher Lands $6,000 Bug Bounty for Finding Starlink Data Leak
- Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies
- Password managers’ promise that they can’t see your vaults isn’t always true
- Researchers unearth 30-year-old vulnerability in libpng library
- Microsoft Blocks Credential Autofill to Fix Windows Hello Flaw
- Microsoft says bug causes Copilot to summarize confidential emails
- Texas sues TP-Link over China links and security vulns
- Critical infra Honeywell CCTVs vulnerable to auth bypass flaw
- Critical BeyondTrust Vulnerability Exploited in the Wild to Gain Full Domain Control
- Crims hit a $20M jackpot via malware-stuffed ATMs
- Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
- OpenClaw Security Issues Continue as SecureClaw Open Source Tool Debuts
- Splunk Enterprise for Windows Vulnerability Let Attackers Hijack DLLs and Gain SYSTEM Access
- Phishing, Malware, and similar
- Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026
- Infostealer malware found stealing OpenClaw secrets for first time
- ‘Digital squatting’ hits new levels as hackers target brand domains
- One stolen credential is all it takes to compromise everything
- Hackers target Microsoft Entra accounts in device code vishing attacks
- How infostealers turn stolen credentials into real identities
- Supply Chain Attack Embeds Malware in Android Devices
- Best-in-Class ‘Starkiller’ Phishing Kit Bypasses MFA
- Attackers keep finding the same gaps in security programs
- ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware
- Compromised npm package silently installs OpenClaw on developer machines
- Breaches, Leaks, and Ransomware
- Poll: Top NATO allies believe cyberattacks on hospitals are an act of war
- PayPal Data Breach Exposes SSNs and Business PII of Customers for Over Six Months
- Canada Goose investigating as hackers leak 600K customer records
- Deutsche Bahn says cyberattack hit ticket and info systems
- Panera Bread confirms data breach exposed customer contact information
- Data breach at fintech firm Figure affects nearly 1 million accounts
- French Government Says 1.2 Million Bank Accounts Exposed in Breach
- Millions of passwords and Social Security numbers exposed
- Dutch telco Odido admits 6.2M customers affected in breach
- ShinyHunters allegedly drove off with 1.7M CarGurus records
- Fintech lending giant Figure confirms data breach
- Washington Hotel in Japan discloses ransomware infection incident
- Peabody alerts residents about data breach. Expert says cities and towns are “treasure trove” for hackers
- Eurail says stolen traveler data now up for sale on dark web
- Substack data breach exposed user emails, phone numbers in October incident
- LockBit 5.0 ransomware expands its reach across Windows, Linux, and ESXi
- Inside Bashe: The Interview with the Ransomware Group Known as APT73
- The era of the Digital Parasite: Why stealth has replaced ransomware
- Japanese tech giant Advantest hit by ransomware attack
Other News Events of Note and Interest
- Linux Mint isn’t the best Windows replacement anymore
- Cloud storage company releases its 2025 hard drive reliability report
- Backblaze Drive Stats for 2025
- Apple starts testing end-to-end encrypted RCS messages on iPhone
- FTC to investigate Microsoft’s cloud and AI dominance
- US lawyers file privacy class action against Lenovo
- Most VMware users still “actively reducing their VMware footprint,” survey finds
- AMD releases new chipset drivers with Windows 11 25H2 support and more
- Mozilla is ending Firefox support on Windows 7
- Good Luck Banning Smart Glasses
- As browser wars heat up, Chrome adds new productivity features
- Why the shift left dream has become a nightmare for security and developers
- Wisconsin Reverses Decision to Ban VPNs in Age-Verification Bill
- AI, LLMs, and Skynet
- Why I don’t think AGI is imminent
- Moltbook’s data breach: A wake-up call for AI security
- Microsoft shows off AI running on the Windows 11 taskbar and File Explorer
- Defense Department and Anthropic Square Off in Dispute Over AI Safety
- ChatGPT gets new security feature to fight prompt injection attacks
- Gemini 3.1 Pro on Gemini CLI, Gemini Enterprise, and Vertex AI
- Google announces Gemini 3.1 Pro, says it’s better at complex problem-solving
- Anthropic’s Sonnet 4.6 matches flagship AI performance at one-fifth the cost, accelerating enterprise adoption
- OpenAI’s acquisition of OpenClaw signals the beginning of the end of the ChatGPT era
- China’s Unitree Robotics showcases eerily lifelike robot kung-fu performance during Lunar New Year
- Kung fu, somersaults and scale: Unitree eyes 20,000-robot output in 2026 after gala
- Copilot quietly pulls your data from other Microsoft products, including Edge and MSN, but you can opt out
- Microsoft
- Microsoft announces new ESU programs for more versions of Windows
- Exclusive: Microsoft is adding image support to Notepad on Windows 11
- Microsoft: Anti-phishing rules mistakenly blocked emails, Teams messages
- Microsoft Edge 145 lands with major enterprise security upgrades
- Microsoft says Windows 11 update causes BSOD on some GPU config, broke WPA3 Wi‑Fi, but a fix is rolling out
- Microsoft Edge is getting a new feature that will be loved by IT admins
- Windows 11 24H2 and 25H2 get new camera settings, File Explorer fixes and more in new builds
- Microsoft announces powerful tool for security teams using Defender
- RDP Shortpath (UDP) over Private Link is Now GA
- Microsoft’s new 10,000-year data storage medium: glass
- Microsoft’s new Teams ‘nag screen’ will force you to choose a browser
