🚨 CISA KEV 1[−]
17 Feb KEVCISA Adds Four Known Exploited Vulnerabilities to CatalogCISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2008-0015 Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability CVE-2020-7796 Synacor Zimbra Collaboration Suite (ZCS…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 9[−]
17 FebChromium: CVE-2026-2320 Inappropriate implementation in File inputThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
17 FebChromium: CVE-2026-2441 Use after free in CSSThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information. Google is aware that an exploit for CVE-2026-2441 exists i…MSRC.MICROSOFT.COM
17 FebChromium: CVE-2026-2323 Inappropriate implementation in DownloadsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
17 FebCVE-2026-0102 Microsoft Edge (Chromium-based) Defense in Depth VulnerabilityUnder specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without clear or intentional user consent. This could result in disclosure of stored autofill data such as addresses, email, or phone number metadata.MSRC.MICROSOFT.COM
17 FebCVE-2026-2318This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
17 FebChromium: CVE-2026-2317 Inappropriate implementation in AnimationThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
17 FebChromium: CVE-2026-2313 Use after free in CSSThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
17 FebCVE-2026-26119 Windows Admin Center Elevation of Privilege VulnerabilityImproper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
17 FebFrom BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-DayWritten by: Peter Ukhanov, Daniel Sislo, Nick Harbour, John Scarbrough, Fernando Tomlinson, Jr., Rich Reece Introduction Mandiant and Google Threat Intelligence Group (GTIG) have identified the zero-day exploitation of a high-risk vulnerability in Dell RecoverPoint for Virtual Ma…CLOUD.GOOGLE.COM
⚠️ VULNERABILITY DISCLOSURE 1[−]
17 FebSpam Campaign Abuses Atlassian Jira, Targets Government and Corporate EntitiesWe uncover how a campaign used Atlassian Jira Cloud to launch automated and targeted spam campaigns, exploiting trusted SaaS workflows to bypass security controls.TRENDMICRO.COM
🔥 INCIDENT REPORTING 4[−]
17 FebWeekly Update 491Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite Well, the ESP32 Bluetooth bridge experiment was a complete failure. Not the radios themselves, they're actually pretty cool, but t…TROYHUNT.COM
17 FebCanada Goose - 581,877 breached accountsIn February 2026, a data breach allegedly containing data relating to Canada Goose customers was published publicly . The data contained 920k records with 582k unique email addresses and included names, phone numbers, IP addresses, physical addresses and partial credit card data,…HAVEIBEENPWNED.COM
17 Feb2026 Unit 42 Global Incident Response Report — Attacks Now 4x FasterAttackers are leveraging identity, AI, and supply chain exposure. Unit 42's Global 2026 IR Report reveals faster, broader, harder-to-contain threats. The post 2026 Unit 42 Global Incident Response Report — Attacks Now 4x Faster appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
17 FebPassword managers less secure than promisedsubmitted by cm0002 to cybersecurity 10 points | 11 comments https://ethz.ch/en/news-and-events/eth-news/news/2026/02/password-managers-less-secure-than-promised.html ETH Zurich researchers have discovered major security flaws in three popular cloud-based password managers - Bitw…INFOSEC.PUB
🕵️ THREAT INTELLIGENCE 4[−]
17 FebUnify now or pay later: New research exposes the operational cost of a fragmented SOCNew research from Microsoft and Omdia reveals how fragmented tools, manual workflows, and alert overload are pushing SOCs to a breaking point. The post Unify now or pay later: New research exposes the operational cost of a fragmented SOC appeared first on Microsoft Security Blog …MICROSOFT.COM
17 FebNews alert: Award nominations reveal a shift from AI hype to a sharper focus on governing agentic AIWASHINGTON, Feb. 17, 2026, CyberNewswire: The Cybersecurity Excellence Awards today published early nomination insights from the 2026 program, highlighting a shift in vendor emphasis from broad AI positioning toward governance frameworks, identity architecture, and measurable acc…LASTWATCHDOG.COM
17 FebSecuring the Agentic EndpointSecure the Agentic Endpoint. Traditional security misses the risk of AI agents. Learn how Palo Alto Networks and the Koi acquisition bring new protection. The post Securing the Agentic Endpoint appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
17 FebIntroducing Unit 42 Managed XSIAM 2.0Unit 42 Managed XSIAM 2.0 delivers a 24/7 managed SOC with continuous detection, investigation, and full-cycle remediation. The post Introducing Unit 42 Managed XSIAM 2.0 appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
📡 INFOSEC NEWS 2[−]
17 FebWeekly Threat Bulletin – February 18th, 2026These are the top threats you should know about this week.F5.COM
17 FebIs it OK to let your children post selfies online?When it comes to our children’s digital lives, prohibition rarely works. It’s our responsibility to help them build a healthy relationship with tech.WELIVESECURITY.COM