Weekly Brief, February 16, 2026
Cybersecurity Events & Incidents
Vendor & Security Product Updates
- Microsoft's February 2026 Patch Tuesday includes multiple zero-days exploited in the wild and a large set of fixes. Prioritize endpoint and Office update deployment for actively exploited items, and validate coverage for developer tooling and cloud services where applicable.
Source: https://www.tenable.com/blog/microsofts-february-2026-patch-tuesday-addresses-54-cves-cve-2026-21510-cve-2026-21513
- Apple released coordinated platform updates (iOS 26.3 family) fixing the exploited dyld issue. Confirm fleet compliance on iOS, macOS, watchOS, tvOS, and visionOS where applicable.
Source: https://nvd.nist.gov/vuln/detail/CVE-2026-20700
- Palo Alto Networks published February advisories, including Chromium monthly updates for Prisma Browser and PAN-OS issue notes. Ensure the advisories are mapped to your deployed trains and managed update rings.
Source: https://security.paloaltonetworks.com/PAN-SA-2026-0002
- Cisco updated its Unified Communications critical RCE advisory (CVE-2026-20045) on February 13, 2026. Verify you are on fixed releases and confirm any compensating controls for exposed management interfaces.
Source: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voice-rce-mORhqY4b
- Patch guidance for the critical Fortinet FortiClientEMS SQL injection (CVE-2026-21643) has been published and is widely tracked. Prioritize internet-exposed management surfaces and validate WAF or access control boundaries.
Source: https://fortiguard.fortinet.com/psirt/FG-IR-25-1142
Geopolitical & Political Developments
Notable Vulnerabilities & Patches
Threat Actors
IOCs
Analyst Comments / Defender Impact Summary
U.S.-Focused Threat Intelligence Snapshot
Security Community Trends (GitHub & Twitter/X)
Emerging Technical Intelligence (Moderate Confidence)
Summary
Immediate threats
Actionable steps
Longer-term needs