Weekly Threat Intelligence Summary

Top 10 General Cyber Threats

Generated 2026-02-23T05:00:05.613547+00:00

1. 2025 Cloud Threat Hunting and Defense Landscape (www.recordedfuture.com, 2026-02-19T00:00:00)
   Score: 10.799
   Threat actors are doubling down on cloud infrastructure — exploiting misconfigurations, abusing native services, and pivoting through hybrid environments to maximize impact. See how attack patterns are evolving across exploitation, ransomware, credential abuse, and AI service targeting in this latest cloud threat roundup.
2. Update Chrome now: Zero-day bug allows code execution via malicious webpages (www.malwarebytes.com, 2026-02-17T12:33:13)
   Score: 10.252
   Google has released an emergency update to patch an actively exploited zero-day—the first Chrome zero-day of the year.
3. Apple patches zero-day flaw that could let attackers take control of devices (www.malwarebytes.com, 2026-02-12T11:40:35)
   Score: 9.413
   Apple issued security updates for all devices which include a patch for an actively exploited zero-day—tracked as CVE-2026-20700.
4. Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets (www.malwarebytes.com, 2026-02-20T10:00:30)
   Score: 7.735
   Attackers are weaponizing Facebook ads to distribute password-stealing malware masked as a Windows download.
5. GrayCharlie Hijacks Law Firm Sites in Suspected Supply-Chain Attack (www.recordedfuture.com, 2026-02-18T00:00:00)
   Score: 7.632
   GrayCharlie turns compromised WordPress sites into malware delivery machines. Discover how this threat actor chains fake browser updates and ClickFix lures to deploy NetSupport RAT, Stealc, and SectopRAT.
6. State of Security Report | Recorded Future (www.recordedfuture.com, 2026-02-12T00:00:00)
   Score: 7.632
   Download Recorded Future's 2026 State of Security report which provides comprehensive threat intelligence on geopolitical fragmentation, state-sponsored operations, ransomware evolution, and emerging technology risk.
7. Chrome “preloading” could be leaking your data and causing problems in Browser Guard (www.malwarebytes.com, 2026-02-17T18:25:47)
   Score: 7.293
   This article explains why Chrome’s “preloading” can cause scary-looking blocks in Malwarebytes Browser Guard.
8. Scam Guard for desktop: A second set of eyes for suspicious moments (www.malwarebytes.com, 2026-02-17T13:50:00)
   Score: 7.261
   Malwarebytes Scam Guard is now on Windows and Mac, bringing AI-powered scam detection to your desktop.
9. February 2026 Patch Tuesday: Six Zero-Days Among 59 CVEs Patched (www.crowdstrike.com, 2026-02-10T06:00:00)
   Score: 7.04
10. Child exploitation, grooming, and social media addiction claims put Meta on trial (www.malwarebytes.com, 2026-02-12T12:35:26)
    Score: 6.419
    Landmark trials now underway allege Meta failed to protect children from sexual exploitation, grooming, and addiction-driven design.

Top 10 AI / LLM-Related Threats

Generated 2026-02-23T06:00:19.547251+00:00

1. GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use (cloud.google.com, 2026-02-12T14:00:00)
   Score: 40.86
   Introduction In the final quarter of 2025, Google Threat Intelligence Group (GTIG) observed threat actors increasingly integrating artificial intelligence (AI) to accelerate the attack lifecycle, achieving productivity gains in reconnaissance, social engineering, and malware development. This report serves as an update to our November 2025 findings regarding the advances in threat actor usage of AI tools. By identifying these early indicators and offensive proofs of concept, GTIG aims to arm def
2. Measuring AI Security: Separating Signal from Panic (www.rapid7.com, 2026-02-10T18:00:00)
   Score: 21.824
   The conversation around AI security is full of anxiety. Every week, new headlines warn of jailbreaks, prompt injection, agents gone rogue, and the rise of LLM-enabled cybercrime. It’s easy to come away with the impression that AI is fundamentally uncontrollable and dangerous, and therefore something we need to lock down before it gets out of hand. But as a security practitioner, I wasn’t convinced. Most of these warnings are based on hypothetical examples or carefully engineered demos. They rais
3. Assessing LLM Response Quality in the Context of Technology-Facilitated Abuse (arxiv.org, 2026-02-23T05:00:00)
   Score: 20.79
   arXiv:2602.17672v1 Announce Type: cross
   Abstract: Technology-facilitated abuse (TFA) is a pervasive form of intimate partner violence (IPV) that leverages digital tools to control, surveil, or harm survivors. While tech clinics are one of the reliable sources of support for TFA survivors, they face limitations due to staffing constraints and logistical barriers. As a result, many survivors turn to online resources for assistance. With the growing accessibility and popularity of large language m
4. Jailbreaking Leaves a Trace: Understanding and Detecting Jailbreak Attacks from Internal Representations of Large Language Models (arxiv.org, 2026-02-23T05:00:00)
   Score: 20.79
   arXiv:2602.11495v2 Announce Type: replace
   Abstract: Jailbreaking large language models (LLMs) has emerged as a critical security challenge with the widespread deployment of conversational AI systems. Adversarial users exploit these models through carefully crafted prompts to elicit restricted or unsafe outputs, a phenomenon commonly referred to as Jailbreaking. Despite numerous proposed defense mechanisms, attackers continue to develop adaptive prompting strategies, and existing models remain v
5. Beyond the Battlefield: Threats to the Defense Industrial Base (cloud.google.com, 2026-02-10T14:00:00)
   Score: 14.884
   Introduction In modern warfare, the front lines are no longer confined to the battlefield; they extend directly into the servers and supply chains of the industry that safeguards the nation. Today, the defense sector faces a relentless barrage of cyber operations conducted by state-sponsored actors and criminal groups alike. In recent years, Google Threat Intelligence Group (GTIG) has observed several distinct areas of focus in adversarial targeting of the defense industrial base (DIB). While no
6. TFL: Targeted Bit-Flip Attack on Large Language Model (arxiv.org, 2026-02-23T05:00:00)
   Score: 14.79
   arXiv:2602.17837v1 Announce Type: new
   Abstract: Large language models (LLMs) are increasingly deployed in safety and security critical applications, raising concerns about their robustness to model parameter fault injection attacks. Recent studies have shown that bit-flip attacks (BFAs), which exploit computer main memory (i.e., DRAM) vulnerabilities to flip a small number of bits in model weights, can severely disrupt LLM behavior. However, existing BFA on LLM largely induce un-targeted failur
7. Qualitative Coding Analysis through Open-Source Large Language Models: A User Study and Design Recommendations (arxiv.org, 2026-02-23T05:00:00)
   Score: 14.79
   arXiv:2602.18352v1 Announce Type: cross
   Abstract: Qualitative data analysis is labor-intensive, yet the privacy risks associated with commercial Large Language Models (LLMs) often preclude their use in sensitive research. To address this, we introduce ChatQDA, an on-device framework powered by open-source LLMs designed for privacy-preserving open coding. Our mixed-methods user study reveals that while participants rated the system highly for usability and perceived efficiency, they exhibited &q
8. Asking Forever: Universal Activations Behind Turn Amplification in Conversational LLMs (arxiv.org, 2026-02-23T05:00:00)
   Score: 12.49
   arXiv:2602.17778v1 Announce Type: cross
   Abstract: Multi-turn interaction length is a dominant factor in the operational costs of conversational LLMs. In this work, we present a new failure mode in conversational LLMs: turn amplification, in which a model consistently prolongs multi-turn interactions without completing the underlying task. We show that an adversary can systematically exploit clarification-seeking behavior$-$commonly encouraged in multi-turn conversation settings$-$to scalably pr
9. HE-LRM: Efficient Private Embedding Lookups for Neural Inference Using Fully Homomorphic Encryption (arxiv.org, 2026-02-23T05:00:00)
   Score: 11.49
   arXiv:2506.18150v3 Announce Type: replace
   Abstract: Fully Homomorphic Encryption (FHE) allows for computation directly on encrypted data and enables privacy-preserving neural inference in the cloud. Prior work has focused on models with dense inputs (e.g., CNNs), with less attention given to those with sparse inputs such as Deep Learning Recommendation Models (DLRMs). These models require encrypted lookup into large embedding tables that are challenging to implement using FHE's restrictive
10. Patch Tuesday – February 2026 (www.rapid7.com, 2026-02-11T01:58:33)
    Score: 11.003
    Microsoft is publishing 55 vulnerabilities this February 2026 Patch Tuesday . Microsoft is aware of exploitation in the wild for six of today’s vulnerabilities, and notes public disclosure for three of those. Earlier in the month, Microsoft provided patches to address three browser vulnerabilities, which are not included in the Patch Tuesday count above. Windows/Office triple trouble: zero-day security feature bypass vulns All three of the publicly disclosed zero-day vulnerabilities published to
11. Hacktivism and the Winter Olympics 2026: What We’re Seeing and What it Signals (www.rapid7.com, 2026-02-20T16:22:06)
    Score: 10.889
    The 2026 Winter Olympics have been live for several weeks, and the cyber activity many predicted is already unfolding. Threat intelligence reporting from Intel471 highlights a surge in hacktivist chatter and mobilization tied to protests and geopolitical tensions surrounding the Games. At the same time, Google’s Threat Intelligence Group has warned that hacktivists, state actors, and cybercriminal groups are actively targeting the global defense industry, including organizations that overlap wit
12. UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering (cloud.google.com, 2026-02-09T14:00:00)
    Score: 9.946
    Written by: Ross Inman, Adrian Hernandez Introduction North Korean threat actors continue to evolve their tradecraft to target the cryptocurrency and decentralized finance (DeFi) verticals. Mandiant recently investigated an intrusion targeting a FinTech entity within this sector, attributed to UNC1069 , a financially motivated threat actor active since at least 2018. This investigation revealed a tailored intrusion resulting in the deployment of seven unique malware families, including a new set
13. Build AI workflows on Amazon EKS with Union.ai and Flyte (aws.amazon.com, 2026-02-19T16:28:21)
    Score: 9.551
    In this post, we explain how you can use the Flyte Python SDK to orchestrate and scale AI/ML workflows. We explore how the Union.ai 2.0 system enables deployment of Flyte on Amazon Elastic Kubernetes Service (Amazon EKS), integrating seamlessly with AWS services like Amazon Simple Storage Service (Amazon S3), Amazon Aurora, AWS Identity and Access Management (IAM), and Amazon CloudWatch. We explore the solution through an AI workflow example, using the new Amazon S3 Vectors service.
14. StableAML: Machine Learning for Behavioral Wallet Detection in Stablecoin Anti-Money Laundering on Ethereum (arxiv.org, 2026-02-23T05:00:00)
    Score: 9.49
    arXiv:2602.17842v1 Announce Type: new
    Abstract: Global illicit fund flows exceed an estimated $3.1 trillion annually, with stablecoins emerging as a preferred laundering medium due to their liquidity. While decentralized protocols increasingly adopt zero-knowledge proofs to obfuscate transaction graphs, centralized stablecoins remain critical "transparent choke points" for compliance. Leveraging this persistent visibility, this study analyzes an Ethereum dataset and uses behavioral fe
15. Symfrog-512: High-Capacity Sponge-Based AEAD Cipher (1024-bit State) (arxiv.org, 2026-02-23T05:00:00)
    Score: 9.49
    arXiv:2602.17900v1 Announce Type: new
    Abstract: This submission includes a complete reference implementation together with deterministic test vectors and a reproducible benchmark suite. All source code, build instructions, and regression artifacts are publicly available in the project repository, enabling independent verification and reimplementation of the scheme. The AEAD construction is fully specified, including domain separation, rate and capacity choices, tag generation, and the exact fil
16. PenTiDef: Enhancing Privacy and Robustness in Decentralized Federated Intrusion Detection Systems against Poisoning Attacks (arxiv.org, 2026-02-23T05:00:00)
    Score: 9.49
    arXiv:2602.17973v1 Announce Type: new
    Abstract: The increasing deployment of Federated Learning (FL) in Intrusion Detection Systems (IDS) introduces new challenges related to data privacy, centralized coordination, and susceptibility to poisoning attacks. While significant research has focused on protecting traditional FL-IDS with centralized aggregation servers, there remains a notable gap in addressing the unique challenges of decentralized FL-IDS (DFL-IDS). This study aims to address the lim
17. FeatureBleed: Inferring Private Enriched Attributes From Sparsity-Optimized AI Accelerators (arxiv.org, 2026-02-23T05:00:00)
    Score: 9.49
    arXiv:2602.18304v1 Announce Type: new
    Abstract: Backend enrichment is now widely deployed in sensitive domains such as product recommendation pipelines, healthcare, and finance, where models are trained on confidential data and retrieve private features whose values influence inference behavior while remaining hidden from the API caller. This paper presents the first hardware-level backend retrieval data-stealing attack, showing that accelerator optimizations designed for performance can direct
18. Uncertainty-Aware Jamming Mitigation with Active RIS: A Robust Stackelberg Game Approach (arxiv.org, 2026-02-23T05:00:00)
    Score: 9.49
    arXiv:2602.18165v1 Announce Type: cross
    Abstract: Malicious jamming presents a pervasive threat to the secure communications, where the challenge becomes increasingly severe due to the growing capability of the jammer allowing the adaptation to legitimate transmissions. This paper investigates the jamming mitigation by leveraging an active reconfigurable intelligent surface (ARIS), where the channel uncertainties are particularly addressed for robust anti-jamming design. Towards this issue, we
19. Walrus: An Efficient Decentralized Storage Network (arxiv.org, 2026-02-23T05:00:00)
    Score: 9.49
    arXiv:2505.05370v3 Announce Type: replace-cross
    Abstract: Decentralized storage systems face a fundamental trade-off between replication overhead, recovery efficiency, and security guarantees. Current approaches either rely on full replication, incurring substantial storage costs, or employ trivial erasure coding schemes that struggle with efficient recovery especially under high storage-node churn. We present Walrus, a novel decentralized blob storage system that addresses these limitations th
20. How Amazon uses Amazon Nova models to automate operational readiness testing for new fulfillment centers (aws.amazon.com, 2026-02-10T18:34:09)
    Score: 9.429
    In this post, we discuss how Amazon Nova in Amazon Bedrock can be used to implement an AI-powered image recognition solution that automates the detection and validation of module components, significantly reducing manual verification efforts and improving accuracy.
21. Introducing "AI Unlocked: Decoding Prompt Injection," a New Interactive Challenge (www.crowdstrike.com, 2026-02-18T06:00:00)
    Score: 9.009
22. Carding-as-a-Service: The Underground Market of Stolen Cards (www.rapid7.com, 2026-02-12T14:00:00)
    Score: 8.96
    Rapid7 software engineer Eliran Alon also contributed to this post. Introduction Despite sustained efforts by the global banking and payments industry, credit card fraud continues to affect consumers and organizations on a large scale. Underground “dump shops” play a central role in this activity, selling stolen credit and debit card data to criminals who use it to conduct unauthorized transactions and broader fraud campaigns. Rather than fading under increased scrutiny, this illicit trade has e
23. The February 2026 Security Update Review (www.thezdi.com, 2026-02-10T18:30:28)
    Score: 8.929
    I have survived the biggest Pwn2Own ever, but I’m back in Tokyo for the second Patch Tuesday of 2026. My location never stops Patch Tuesday from coming, so let’s take a look at the latest security patches from Adobe and Microsoft. If you’d rather watch the full video recap covering the entire release, you can check it out here: Adobe Patches for February 2026 For February, Adobe released nine bulletins addressing 44 unique CVEs in Adobe Audition, After Effects, InDesign, Substance 3D Designer,
24. PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence (www.securityweek.com, 2026-02-20T07:06:15)
    Score: 8.797
    The malware leverages Gemini to analyze on-screen elements and ensure that it remains on the device even after a reboot. The post PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence appeared first on SecurityWeek .
25. New e-book: Establishing a proactive defense with Microsoft Security Exposure Management (www.microsoft.com, 2026-02-19T17:00:00)
    Score: 8.657
    Read the new maturity-based guide that helps organizations move from fragmented, reactive security practices to a unified exposure management approach that enables proactive defense. The post New e-book: Establishing a proactive defense with Microsoft Security Exposure Management appeared first on Microsoft Security Blog .

Auto-generated 2026-02-23