Google patches first Chrome zero-day exploited in attacks this year
Google released emergency updates for Chrome to fix CVE-2026-2441, which it says is being exploited in the wild. The issue is a use-after-free linked to iterator invalidation in Chrome’s handling of CSS font feature values. Google did not share exploit details, which usually means defenders should assume active scanning and targeted use are both possible. Action: force-update Chrome across managed endpoints and verify version compliance for any lagging devices.
SmarterTools network breached using auth-bypass attack against single unpatched virtual machine
SmarterTools disclosed a ransomware incident traced back to an unpatched SmarterMail VM that was missed in their update process. The entry point was an authentication bypass flaw in SmarterMail (CVE-2026-23760) affecting versions before Build 9518, enabling admin password reset and full access. The company says business applications and customer portals were not impacted due to network isolation, but office and certain data center systems were affected. Action: confirm all SmarterMail instances are inventoried and upgraded to Build 9518 or newer, and hunt for “forgotten” VMs and shadow IT.
Dutch telecom Odido hacked, 6 million accounts affected
Odido reported a breach impacting personal information from more than six million accounts, describing it as unauthorized access to a system used to contact customers. Reported exposed data includes names, phone numbers, email addresses, bank account numbers, birth dates, and passport numbers. Odido said it began investigating on February 7 and that unauthorized access has been terminated, with phone services remaining safe to use. Expect downstream fraud and phishing using the stolen identity data.
Georgia healthcare company data breach impacts more than 620,000
ApolloMD reported to regulators that 626,540 people were affected by an incident where attackers accessed its IT environment between May 22 and May 23, 2025. Exposed data included names, dates of birth, addresses, diagnoses, dates of service, treatments, health insurance data, and Social Security numbers. The incident was previously disclosed to customers in September, with the larger count reflected in a newer filing. Action: for healthcare providers and vendors, prioritize third-party risk reviews and tighten monitoring around short-duration intrusions that still enable large-scale data access.
Chipmaker Patch Tuesday: Over 80 Vulnerabilities Addressed by Intel and AMD
Intel and AMD published February advisories covering dozens of fixes across CPUs and drivers. AMD’s updates include graphics driver issues plus fixes for EPYC and EPYC Embedded processors, along with a high-severity privilege escalation bug in uProf and additional issues in Vivado. This is a reminder that platform risk is not only OS and apps; firmware and driver patching matter too, especially on developer workstations and server fleets. Action: align BIOS, microcode, and driver updates with your patch program and track where vendor guidance requires coordinated updates.
Kimwolf Botnet Swamps Anonymity Network I2P
An IoT botnet called Kimwolf flooded the I2P anonymity network with a large influx of routers, degrading connectivity and causing widespread disruption. Reporting indicates Kimwolf operators attempted to use I2P as a fallback command and control path, effectively creating a Sybil-style attack against the network. The botnet has been associated with mass compromise of poorly secured IoT devices and large DDoS activity since late 2025. Action: treat consumer-grade IoT as hostile by default, segment it aggressively, and monitor for anomalous outbound connections and sudden spikes in connection counts.