February 17, 2026 Cyber Threat Intelligence Briefing

kroll logo
Kroll
Feb 17, 2026
Kroll

This week’s briefing covers:

00:00 – Intro

00:36 [PATCHING] Microsoft Patch Tuesday Addresses 61 Issues, Six Zero-Days
Microsoft has fixed 61 vulnerabilities in February’s patch cycle and Microsoft Edge releases.

01:51 [CAMPAIGN] UNC1069 AI Video-Enabled ClickFix Campaign
he intrusion relied on a social engineering scheme involving a compromised Telegram account, a fake Zoom meeting, a ClickFix infection vector, and reported usage of AI-generated video to deceive the victim.

04:54 [VULNERABILITY] Critical RCE in BeyondTrust Remote Access Products (CVE-2026-1731)
BeyondTrust has disclosed a critical vulnerability in its RS and PRA platforms. The flaw tracked as CVE-2026-1731 with a CVSS score of 9.9 allows a remote attacker who is not authenticated to run operating system commands using the site user’s permissions.

07:24 [RANSOMWARE] Reynolds Ransomware and Embedded Evasion Tactics
Threat group KTA529 (also known as Lotus Blossom, Spring Dragon, Billbug and Thrip) compromised Notepad++ hosting infrastructure between June and December 2025, intercepting update traffic to deliver a previously undocumented backdoor named CHRYSALIS.

Dive deeper:

Kroll’s Monthly Threat Intelligence Spotlight Report: https://www.kroll.com/en/reports/cyber/threat-intelligence-reports/cti-spotlight-trends-report

Kroll’s Q4 2024 Cyber Threat Landscape: https://www.kroll.com/en/reports/cyber/threat-intelligence-reports/q4-2024-threat-landscape-report-phishing

Kroll’s 2025 Cyber Threat Landscape Report: Cybercrime in the Crypto Era: https://www.kroll.com/Reports/Cyber/Threat-Intelligence-Reports/Threat-Landscape-Report-Lens-on-Crypto

Playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: https://www.youtube.com/playlist

Kroll Cyber Blog: https://www.kroll.com/en/insights/cyber

Kroll Cyber Threat Intelligence: https://www.kroll.com/en/services/cyber/threat-intelligence-services

Kroll Threat Intelligence Reports: https://www.kroll.com/en/reports/cyber/threat-intelligence-reports

Kroll Responder MDR: https://www.kroll.com/en/services/cyber/kroll-responder

#krollcyber #threatintelligence #cyberthreats

Copyright © 2026 OpsMatters™. All rights reserved.