VulnHub

In February 2026, a significant security update was released that addressed 59 Common Vulnerabilities and Exposures (CVEs), including six zero-day vulnerabilities. These vulnerabilities could allow attackers to gain unauthorized access or execute malicious code on affected systems. Various products from multiple vendors are impacted, which means a wide range of users, including businesses and individual consumers, could be at risk. The presence of zero-day vulnerabilities indicates that attackers could exploit these weaknesses before users have the chance to apply the necessary patches. Companies and users are urged to update their systems promptly to mitigate potential risks associated with these vulnerabilities. Ignoring these updates could expose them to serious security breaches.

Hackers are exploiting vulnerabilities in SolarWinds Web Help Desk (WHD) to gain unauthorized access to systems. This allows them to execute code on affected machines, deploying legitimate forensic tools like Velociraptor to maintain persistence and enable remote control. Organizations using SolarWinds WHD should be particularly vigilant, as these vulnerabilities can lead to serious security breaches. The situation underscores the need for companies to regularly update and patch their systems to protect against such attacks. Users of the software must act quickly to ensure their environments are secure.

BeyondTrust has addressed a serious remote code execution vulnerability, identified as CVE-2026-1731, which affects its Remote Support (RS) and Privileged Remote Access (PRA) solutions. This vulnerability can be exploited without authentication, making it particularly dangerous for self-hosted customers. BeyondTrust is urging users to apply the patch immediately to protect their systems. Unlike a previous zero-day vulnerability exploited by threat actors linked to China, this issue was discovered by a security researcher and disclosed privately. The prompt action by BeyondTrust highlights the necessity for timely vulnerability management in remote access tools, which are critical for many organizations.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a five-year-old vulnerability in GitLab that is currently being exploited in cyberattacks. This flaw affects various versions of GitLab, and its exploitation puts government agencies and organizations using this software at risk. CISA is urging all agencies to apply the necessary patches to safeguard their systems against potential attacks. This situation emphasizes the importance of keeping software up to date, especially for widely used platforms like GitLab. Failure to address such vulnerabilities can lead to serious security breaches, impacting sensitive data and operations.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a serious vulnerability in SolarWinds Web Help Desk that is currently being exploited in active attacks. This flaw poses a risk to federal agencies, which have been instructed to apply necessary patches within three days to mitigate potential damage. The urgency of the situation underscores the importance of maintaining up-to-date systems, especially for organizations that rely on SolarWinds products. If left unaddressed, this vulnerability could lead to unauthorized access and compromise sensitive data, affecting not just government agencies but potentially their partners and clients as well. The situation is a reminder for all users of SolarWinds software to remain vigilant and ensure their systems are secure.

Last week, Microsoft addressed a serious vulnerability in its Office software, which was being actively exploited by attackers. This zero-day flaw could allow unauthorized access to user systems, putting sensitive information at risk. Users of Microsoft Office should ensure they install the latest updates to protect themselves from potential attacks. Additionally, Fortinet released patches for a flaw in its FortiCloud single sign-on (SSO) service, which could have allowed unauthorized access to user accounts. Organizations using FortiCloud should prioritize applying these updates to safeguard their systems from exploitation.

A vulnerability in WinRAR, a popular file compression software, is being exploited by Russian and Chinese nation-state attackers, even though a patch was released last July to fix the issue. This flaw poses a significant risk, particularly to small and medium-sized businesses (SMBs), which may not have updated their software or may be unaware of the vulnerability. The fact that this exploitation is ongoing months after the patch was issued raises concerns about the security practices of many organizations. Companies using affected versions of WinRAR need to take immediate action to protect themselves from potential breaches. Staying updated with software patches is crucial, especially when attackers are targeting known vulnerabilities.

Fortinet has addressed a significant vulnerability tracked as CVE-2026-24858, which could allow attackers to bypass authentication and gain unauthorized access to devices linked to other FortiCloud accounts. This flaw presents a serious risk, as it enables malicious actors to potentially control devices that should be secure. Users and organizations utilizing FortiCloud services are particularly affected, as their account security could be compromised. Fortinet's swift action to patch this vulnerability is crucial to prevent exploitation and protect users' sensitive data. Companies using Fortinet products should ensure they apply the latest updates to mitigate this risk effectively.