Threat Newsletter February 16, 2026

Welcome to this week’s Threat Intel Newsletter. In this edition, the common thread is that compromise is increasingly happening through places defenders are forced to trust: edge infrastructure, virtualization layers, software update paths, and extension ecosystems. We break down China-linked targeting of Singapore’s telecom sector and leaked evidence of critical infrastructure attack rehearsals, then shift to the growing wave of marketplace and add-on poisoning. We also summarize the most urgent patch and mitigation items, including actively exploited bugs across major platforms.

UNC3886 Targets Singapore’s Telecom Sector

Singapore Cyber Security Agency (CSA) said China-linked cyber espionage group UNC3886 conducted a targeted campaign against Singapore telecommunications sector. CSA described the actor as highly capable, noting use of sophisticated tooling, including a zero-day to bypass a perimeter firewall, and rootkits for persistence and stealth in another.

Key Takeaways

🔓 Target: Telecom is a priority espionage target: The focus on national telcos signals interest in strategic access.

❗Take defensive measures: Assume perimeter controls can be bypassed. The alleged zero-day firewall bypass shows that a patched perimeter alone is not enough.

🌐 Edge/Virtualization remain high-risk layers: CSA's characterization of UNC3886—focused on edge devices and virtualization technology—aligns with the repeated value attackers find in these control-plane areas.

🛡️ Mitigation: CSA emphasized closing access points and expanding monitoring, suggesting that improved visibility and containment were key to stopping further movement.

China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign

UNC3886 targeted Singapore’s telecom operators via zero-day exploits, rootkits, and VMware systems; no customer data breach confirmed.

The Hacker NewsThe Hacker News

Claude Desktop Extensions 0-Click RCE Vulnerability Exposes 10,000+ Users

Key Takeaways

Security researchers discovered a zero-click vulnerability in the Claude Desktop app for macOS that allowed attackers to execute malicious code without any user interaction. The flaw stemmed from improper handling of custom URL schemes. By crafting a malicious link, an attacker could trigger the app to automatically run arbitrary commands.

🔓 Vulnerability: A zero-click vulnerability in Claude Desktop for macOS. Attackers could run malicious code just by getting the user to open a webpage or message containing a crafted link.

🛞 How it works: The app used a custom URL scheme that has poor validation, allowing attackers to inject harmful commands through these URLs.

🌐 Who is affected: MacOS users running older versions of Claude Desktop are at risk.

💥Impact: This attack could allow remote code execution (RCE) where no user interaction is required.

🛡️Fix: Anthropic released an update that fully patches the issue. Users should update the Claude Desktop app immediately.

Claude Desktop Extensions 0-Click RCE Vulnerability Exposes 10,000+ Users to Remote Attacks

A new critical vulnerability discovered by security research firm LayerX has exposed a fundamental architectural flaw in how Large Language Models (LLMs) handle trust boundaries.

CybersecurityNewsGuru Baran

OpenClaw Becomes New Target in Rising Wave of Supply Chain Poisoning

OpenClaw, an open-source AI agent platform, is being targeted by supply-chain poisoning through its ClawHub plugin marketplace. Attackers are uploading malicious "skills" that appear legitimate but deploy info stealers—most notably Atomic macOS Stealer.

Key Takeaways

💥Attack: Attackers are poisoning OpneClaw’s plugin marketplace (ClawHub) with malicious AI agent skills. These skills execute commands directly from Markdown, making them easy to abuse.

🌐 Scale of Compromise: Security firms SlowMist and Koi Security discovered hundreds of compromised extensions, with infection rates between 12% and 16%. The malicious skills use Base64-encoded commands, multi-stage droppers, and shared attacker infrastructure to deploy credential theft, file exfiltration, and phishing prompts. There are 472 affected skills tied to shared attacker infrastructure.

💥Malicious Skills: The skills deploy Atomic macOS Stealer, steal browser and key chain credentials, exfiltrate desktop and document files, and use multi-stage payloads delivered via curl or bash.

🛡️ Treat all ClawHub skills as untrusted: The core problem is that OpenClaw executes instructions directly from Markdown. The safest stance is do not install directly from ClawHub unless you have manually reviewed them. Prefer locally developed, internally vetted, or signed skills.

OpenClaw Becomes New Target in Rising Wave of Supply Chain Poisoning Attacks

OpenClaw, a rapidly growing open-source AI agent platform, faces severe supply chain risks as attackers poison its ClawHub plugin marketplace with malicious skills.

CybersecurityNewsGuru Baran

China rehearsing cyberattacks on neighbors’ critical infrastructure

Leaked technical documents reveal that China has been rehearsing cyberattacks on neighboring countries' critical infrastructure using a secret training platform called "Expedition Cloud." The platform includes source code, training materials, and system architecture that show China is simulating real foreign networks—including power grids, energy transmission systems, transportation networks, and smart home systems—to practice offensive cyber operations.

Key Takeaways

🧪 Expedition Cloud: This is a sophisticated cyber-range environment designed for offensive, not defensive, training. The platform was built by the company CyberPeace, which has ties to China’s government and military. This platform allows attackers to rehearse operations repeatedly using realistic network templates.

🌐 Attack Simulation: China is simulating attacks on power grids, energy transmission, transportation systems, and smart home networks.

🔍 Authenticity of the Leak: The documents were discovered on a unsecured FTP server tied to a developer infected with malware. The server contained technical documentation, patches, debugging logs, and personal files.

🌎 Strategic Implications: Researchers suggest China is preparing for pre-planned, rapid cyber operations against regional adversaries. This raises concerns for countries in the South China Sea and Indochina regions.

Leaked technical documents show China rehearsing cyberattacks on neighbors’ critical infrastructure

Internal files describe a training platform as part of a large integrated system designed to allow attackers to practice hacking replicas of “the real network environments” of China’s “main operational opponents in the South China Sea and Indochina directions.”

The RecordAlexander Martin

Microsoft Patches 6 zero days, 58 flaws on February 2026 Patch Tuesday

Microsoft's February 2026 Patch Tuesday fixes 58 vulnerabilities, including six actively exploited zero-days. The update also patches five Critical flaws and begins rolling out new Secure Boot certificates before the legacy certificates expire in June 2026. The six zero-days include security feature bypasses, privilege escalation flaws, and issues that allow attackers to trick users into opening malicious files or links.

Microsoft's February 2026 Patch Tuesday fixes 58 vulnerabilities, including six actively exploited zero-days. The update also patches five Critical flaws and begins rolling out new Secure Boot certificates before the legacy certificates expire in June 2026. The six zero-days include security feature bypasses, privilege escalation flaws, and issues that allow attackers to trick users into opening malicious files or links.

Key Takeaways

❗Six Zero-Days Actively Exploited: Microsoft patched six zero-day vulnerabilities for:

• SmartScreen / Shell prompt bypass (CVE-2026-21510)
• OLE mitigation bypass in Office (CVE-2026-21514)
• Internet Explorer security bypass (CVE-2026-21513)
• Privilege escalation in Desktop Window Manager (CVE-2026-21519)
• RD-related vulnerability (CVE-2026-21533)

🔧 58 Total Vulnerabilities Fixed:

Breakdown Includes:

• 25 Elevation Privilege
• 12 Remote Code Execution
• 7 Spoofing
• 6 Information Disclosure
• 5 Security Feature Bypass
• 3 Denial of Service

🧩 Secure Boot Certificate Update: Microsoft is rolling out new Secure Boot certificates to replace the 2011 versions expiring in June 2026 an important step to maintain protection against boot-level malware.

🛡️ Urgency: CISA has mandated federal agencies to patch all six-zero days by March 3, 2026, signaling high exploitation risk.

Microsoft February 2026 Patch Tuesday fixes 6 zero-days, 58 flaws

Today is Microsoft’s February 2026 Patch Tuesday with security updates for 58 flaws, including 6 actively exploited and three publicly disclosed zero-day vulnerabilities.

BleepingComputerLawrence Abrams

New Botnet Operation (SSHStalker) used IRC for C2

Researchers have discovered SSHStalker, a newly discovered Linux botnet that uses old-school IRC (Internet Relay Chat) for command-and-control while combining it with modern automated mass-compromise techniques.

Key Takeaways

🔍 What is SSHStalker: This is a new Linux botnet that uses IRC for command and control and infects systems by brute-forcing SSH credentials and exploiting legacy Linux kernel vulnerabilities dating back to 2009-2010.

🚨 How it spreads: The botnet does automated SSH brute-force attacks against weak credentials. It also uses mass scanning of cloud infrastructure.

🛠️ Capabilities: The botnet can tamper with logs to hide activity, uses root-like components for stealth, maintains persistence through cron jobs running every 60 seconds, and compiles payloads locally for cross-distribution compatibility.

📈 Scale of Activity: Nearly 7,000 hosts scanned or compromised in January alone.

🎯 Who is at risk: Systems that are at risk are Linux systems with weak SSH passwords, exposed SSH services, and outdated kernels (especially versions 2.6.x era).

🛡️ Mitigation: SSHStalker spreads primarily through brute-forcing SSH. Closing that door is the single biggest win. Organizations need to do the following:

• Disable password authentication
• Disable root login over SSH
• Change SSH to a non-default port ( not a security fix by itself, but reduces noise).
• Enable fail2ban or similar-tools (Blocks repeated login attempts automatically).
• Use firewall rules to restrict SSH:
  • Allow only specific IPS or VPN ranges.
  • Block SSH from the open internet if possible.

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.

The Hacker NewsThe Hacker News

New commercial mobile spyware RAT (ZeroDay) being sold via Telegram

Zero-DayRat is a newly discovered commercial spyware toolkit designed to fully compromise both iOS and Android devices. It appears to be part of the growing market of tools sold to governments or private clients for targeted surveillance.'

Key Takeaways

🔍 Capabilities: The spyware exploits zero-day vulnerabilities to gain initial access and installs a stealthy remote access Trojan. It can also extract messages, photos, location data, microphone audio, call logs, and app data.

⚠️ Full-Device Compromise: ZeroDayRat provides attacker with near-total access to a victim’s phone, including real-time surveillance, data exfiltration, and remote control.

❌ Cross-Platform (iOS + Android): It’s rare for a single spyware framework to target both ecosystems effectively. This suggests a well-funded developer with advanced exploit capabilities.

🎯 Targeted Surveillance: This spyware is deployed to spy on journalists, activist, political figures, and corporate executives.

🛡️ Keep Devices fully updated: Spyware kits such as this one rely on zero-day vulnerabilities, but once they’re discovered, Apple and Google patch them quickly.

• Install OS updates immediately.
• Enable automatic updates for apps and system components.

New ZeroDayRAT Spyware Can Take Over iPhones and Androids | Certo Software

ZeroDayRAT mobile spyware can secretly access phones, steal data and track users. Learn how it spreads, the risks, and simple steps to protect your device.

Certo Software | iPhone & Android Spyware DetectionSophia Taylor

Crazy ransomware gang exploits employee monitoring software in corporate attacks

A ransomware group has begun abusing legitimate employee-monitoring and remote-management tools to infiltrate corporate networks.

Key Takeaways

🔒Initial Access: The attackers are gaining access through phishing or stolen credentials, then install or hijack monitoring software to maintain persistence. Once inside, they exfiltrate data and deploy ransomware.

❗Attackers Blend in with normal activity: Because the software is signed, trusted, and commonly used in enterprises, this allows attackers to avoid detection by security tools.

🛡️ Zero-trust and monitoring are essential: Organizations need to

• Strict access controls.
• Have MFA enabled.
• Network segmentation.
• Logging and alerting on remote-tool activity.
• Regular audits of installed remote-access software.

Ransomware gang exploits employee monitoring software in corporate attacks

A member of the Crazy ransomware gang is exploiting legitimate employee monitoring software and remote support tools to infiltrate corporate networks.

PauboxGugu Ntsele

Qilin ransomware gang attacks ApolloMD

ApolloMD, a major U.S physician services provider, disclosed a significant data breach affecting 626,540 patients after a ransomware attack attributed to the Qilin ransomware group.

Key Takeaways

⚠️ Over 636,000 patient records exposed: A large volume of sensitive data, including SSNs and medical details was compromised, increasing long-term identity theft risks.

🔍 Attack linked to the Qilin ransomware group: Qilin is known for double extortion tactics and targeting healthcare and critical infrastructure.

🧑‍⚕️ Healthcare remains a prime target: Medical organizations are prime targets for ransomware groups due to complex networks, legacy systems, and high uptime requirements.

❗Patients face long-term risks: Stolen medical and identity data can be misused for medical and insurance fraud, potential leading to long-term financial fraud.

🛡️ Defense: Organizations must stay vigilant and do the following to strengthen their defenses:

• Enforce MFA everywhere, especially for VPN, RDP, and admin accounts.
• Disable or tightly restrict RDP and other remote access protocols.
• Require strong, unique passwords and rotate privileged credentials.
• Implement conditional access (IP allowlists, device trust, geofencing).

Qilin-Linked Ransomware Attack at ApolloMD Exposes 626,540 Patient Records, Federal Filing Shows

A ransomware attack on ApolloMD has exposed the personal and medical data of more than 626,000 individuals, according to a newly published federal disclosure, underscoring the persistent cybersecurity risks facing healthcare organizations and their third-party partners.The US Department of Health and Human Services breach portal now lists 626,540 individuals as affected by the May 2025 incident, which targeted the Atlanta-based physician and practice management services provider. ApolloMD works

Enterprise Sec TechCyber Jack

Abandoned Microsoft Add-in hijacked and used as a Phishing Kit

A malicious actor hijacked an abandoned but legitimate-looking Outlook add-in distributed through the Microsoft Store. Once installed, the add-in redirected users to a phishing page designed to steal Microsoft account credentials.

Key Takeaways

❗Attack: An attacker hijacked an abandoned but still-listed Outlook add-in called “AgreeTo”, originally a legitimate meeting-scheduling tool. Because Outlook add-ins load content from developer controlled URLs, the attacker simply claimed the expired domain and replaced the original content with a fake Microsoft login page.

🔍 A new Supply-chain attack vector: This is the first documented malicious Outlook add-in, expanding supply-cahin threats beyond browser extensions and npm packages.

🌐 Impact: The phishing page captured thousands of credentials, enabling access to email, cloud data, and potentially MFA tokens. Over 4,000 Microsoft accounts were compromised.

🛡️ Mitigation: Organization must be aware that Outlook add-ins are a new supply chain attack vector and abandoned add-ins can be hijacked without hacking. Organizations must audit add-ins, restrict OAuth, and user training must now include in-app phishing awareness.

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

First malicious Outlook add-in abused an abandoned domain to host a fake Microsoft login page, stealing 4,000+ credentials in a supply chain attack.

The Hacker NewsThe Hacker News

OAPT: Fake Victim Lists, Genuine RaaS Potential

Security researchers uncovered that “0APT”, a supposed new ransomware group claiming advanced nation‑state‑level capabilities, was actually a hoax. The group attempted to present itself as a sophisticated APT‑style ransomware operation.

Key Takeaways

❗Not every “new ransomware group” is real: While conducting research on 0APT, researchers concluded that 0APT is likely a scam operation trying to intimidate organizations into paying without actually breaching them—or a low-skill actor attempting to gain notoriety by posing as a major threat group.

🔍 Threat actors increasingly use psychological pressure: Even without real technical capability, attackers can send fake breach notices and claim to have stolen data.

⚠️ Low-skill actors can still cause disruption: Even fake groups can waste IR team time and distract organizations from real threats. This is why structured incident response is essential.

🛡️ Verify First: Organizations should verify breach claims before responding. And check logs for real intrusion indicators of any lateral movement, exfiltration, or persistence happening within your environment.

0APT ransomware group rises swiftly with bluster, along with genuine threat of attack

Most signs suggest the group is running a massive hoax by claiming hundreds of initial victims, but at least some of the threat 0APT poses is grounded in truth backed by proven capabilities.

CyberScoopMatt Kapko

Malicious Chrome Extensions Steal 2FA Codes, Emails, and Business Data

Security researchers uncovered multiple malicious Chrome extensions that were secretly stealing sensitive user data, business information, authentication tokens, and browsing activity.

Key Takeaways

❗Chrome extensions are now a major data-theft vector: Attackers are increasingly using extensions to access browser data, read emails, and monitor activity in real time to bypass traditional endpoint security.

🔧Disguised Malicious extensions: Attackers are disguising malicious extensions as AI helpers to trick users into installing them.

💼 Business accounts are being compromised: Some extensions steal access to Meta Business Suite, Facebook Business Manager, and other high value accounts.

🌐 Impact: Millions of users have been affected across hundreds of extensions, some active for years.

🛡️ Mitigate: Organizations should limit browser extensions to a small set of trusted, approved tools and regularly remove anything unnecessary. They should keep browsers updated and review extension permissions to prevent data‑stealing add‑ons from gaining excessive access. Finally, monitoring for unusual browser behavior helps catch malicious extensions early before they can steal sensitive information.

Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.

The Hacker NewsThe Hacker News

Lotus Blossom Compromises Notepad++ Updates to Deliver Backdoor

Between June and December 2025, a state‑sponsored threat group known as Lotus Blossom compromised the hosting infrastructure used by Notepad++. Instead of attacking the software itself, the attackers breached the shared hosting provider, allowing them to intercept and redirect update traffic meant for the official Notepad++ update server. This let them deliver malicious update manifests and backdoor installers to selectively targeted users.

Key Takeaways

❗Attack: Attackers hijacked the hosting provider to redirect update requests and deliver malicious files.

🎯 Target: The threat actors selectively served malicious updates to high-value targets in Southeast Asia.

🛡️Mitigation: Anyone who attempted to update Notepad++ before version 8.8.9 during the affected period should audit their systems and install the latest version.

Nation-State Actors Exploit Notepad++ Supply Chain

Unit 42 reveals new infrastructure associated with the Notepad++ attack. This expands understanding of threat actor operations and malware delivery.

Unit 42Unit 42

Patch Now: BeyondTrust Remote Support/PRA RCE Under Active Attack

Threat actors are actively exploiting a critical BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) vulnerability, CVE-2026-1731 (CVSS 9.9), with researchers observing exploitation across real-world sensors.

Key Takeaways

⚠️ Flaw: The bug is pre-auth remote code execution, meaning an attacker can potentially run commands without logging in by sending crafted requests.

❗Exploitation: This is being exploited right now as CISA added this vulnerability to their Known Exploited Vulnerabilities (KEV).

🛡️ Mitigation: Patch priority is immediate. BeyondTrust lists fixes as:

• Remote Support: Patch BT26-02-RS (v21.3–25.3.1)
• Privileged Remote Access: Patch BT26-02-PRA (v22.1–24.X)
• PRA v25.1+ reportedly does not require patching for this issue.

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple, Microsoft, SolarWinds, and Notepad++ flaws to KEV list.

The Hacker NewsThe Hacker News

GTIG Warns Threat Actors Are Weaponizing Gemini for Target Profiling

Google researchers examined how AI models can be misused by attackers and how defenders can better understand these risks through distillation, experimentation, and integration. They found that adversaries can use AI to speed up phishing, malware generation, vulnerability discovery, and social engineering, but also that defenders can use the same techniques to stress‑test models, detect misuse patterns, and build safer systems.

Key Takeaways

⚠️ Attackers Utilizing AI: AI helps them write better phishing emails, generate malware variations, and automate reconnaissance.

🛡️ Defenders Must test AI systems: Red‑teaming and controlled experiments reveal weaknesses before adversaries exploit them.

🛡️Model Distillation: By simplifying or replicating models, defenders can safely study adversarial behavior.

⚠️ Integrating AI threat intelligence: Security teams should integrate AI threat intelligence into their workflows, as this helps detect misuse patterns early and strengthen overall resilience.

GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use | Google Cloud Blog

Our report on adversarial misuse of AI highlights model extraction, augmented attacks, and new AI-enabled malware.

Google Cloud

Apple Patches CVE-2026-20700 Zero-Day Used in “Extremely Sophisticated” Attacks

Apple released emergency security updates to fix CVE‑2026‑20700, a zero‑day vulnerability in dyld, the Dynamic Link Editor used across iOS, macOS, iPadOS, watchOS, tvOS, and visionOS.

Key Takeaways

⚠️ The flaw is a memory corruption issue that allows an attacker with memory‑write access to execute arbitrary code on affected devices.

❗The memory corruption bug lets an attacker run malicious code if they can write to memory.

🔧 Affected versions: iOS, macOS, iPadOS, watchOS, tvOS, and visionOS required urgent updates.

🌐 Actively exploited: The flaw was actively exploited against high‑value, targeted individuals.

🛡️Mitigation: Patching is the only protection, since attackers were already exploiting the flaw.

Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacks

Apple has released security updates to fix a zero-day vulnerability that was exploited in an “extremely sophisticated attack” targeting specific individuals.

BleepingComputerLawrence Abrams