VulnHub

Apple has addressed a serious zero-day vulnerability, identified as CVE-2026-20700, which was used in targeted attacks last year. This flaw, a memory corruption issue in the dyld component of Apple's operating systems, could allow attackers to execute arbitrary code on affected devices. Specifically, the vulnerability impacts versions of iOS prior to iOS 26 and was reportedly exploited in sophisticated attacks against select individuals. Users of these older versions should update their devices to protect against potential exploitation.

Microsoft has recently patched six zero-day vulnerabilities, which are serious security flaws that attackers can exploit to gain unauthorized access. Users are typically urged to update their systems immediately to protect against such threats. However, some experts are advising caution, suggesting that these patches might cause issues or conflicts with existing software. This situation leaves many users in a challenging position as they weigh the risks of applying the updates against the potential vulnerabilities. It's important for individuals and organizations to assess their specific environments before proceeding with the updates to ensure they don't inadvertently create new problems.

In February 2026, Microsoft addressed over 50 security vulnerabilities during its Patch Tuesday update, including six zero-day flaws that were actively exploited by attackers. Notably, three of these zero-days involve security feature bypasses. One of the vulnerabilities, identified as CVE-2026-21513, impacts the MSHTML/Trident browser engine used in Internet Explorer on Windows, while CVE-2026-21514 affects Microsoft Word. Attackers can exploit these vulnerabilities by tricking users into opening malicious files or links. As these security holes are actively being exploited, users and organizations must apply the updates promptly to protect their systems from potential breaches.

In February 2026, a significant security update was released that addressed 59 Common Vulnerabilities and Exposures (CVEs), including six zero-day vulnerabilities. These vulnerabilities could allow attackers to gain unauthorized access or execute malicious code on affected systems. Various products from multiple vendors are impacted, which means a wide range of users, including businesses and individual consumers, could be at risk. The presence of zero-day vulnerabilities indicates that attackers could exploit these weaknesses before users have the chance to apply the necessary patches. Companies and users are urged to update their systems promptly to mitigate potential risks associated with these vulnerabilities. Ignoring these updates could expose them to serious security breaches.

Hackers are exploiting vulnerabilities in SolarWinds Web Help Desk (WHD) to gain unauthorized access to systems. This allows them to execute code on affected machines, deploying legitimate forensic tools like Velociraptor to maintain persistence and enable remote control. Organizations using SolarWinds WHD should be particularly vigilant, as these vulnerabilities can lead to serious security breaches. The situation underscores the need for companies to regularly update and patch their systems to protect against such attacks. Users of the software must act quickly to ensure their environments are secure.

The Cybersecurity and Infrastructure Security Agency (CISA) has updated 59 entries in its Known Exploited Vulnerabilities (KEV) catalog to indicate that these vulnerabilities are being actively exploited in ransomware attacks. This update raises concerns among security experts because it implies that organizations may be unaware that their systems are vulnerable to these specific attacks. The vulnerabilities affect a range of products, and the updates were made without much public awareness, which could leave many companies at risk. It's crucial for organizations to review these updates and apply necessary patches to protect against potential ransomware threats. This situation stresses the need for better communication regarding vulnerability management in the cybersecurity community.

Researchers have identified a new ransomware-as-a-service (RaaS) variant known as 'Vect'. This operation stands out due to its custom malware, which poses a significant threat to organizations. The Vect RaaS allows attackers to easily deploy ransomware attacks, potentially affecting a wide range of victims, from small businesses to larger enterprises. The introduction of this variant raises concerns about the increasing sophistication of ransomware operations, making it crucial for companies to bolster their cybersecurity measures. Users are advised to stay vigilant and regularly update their security protocols to defend against such evolving threats.

Hackers have successfully compromised an update server belonging to MicroWorld Technologies, the company behind eScan Antivirus. This breach allowed attackers to inject malicious files into updates that were sent to eScan customers, effectively turning the antivirus software into a delivery mechanism for malware. Users who updated their eScan software during this incident may have inadvertently installed harmful files on their systems. This incident raises significant concerns about the security of software supply chains, highlighting how even trusted software can be weaponized. Users are advised to remain vigilant and consider checking their systems for any signs of compromise.