Infosec bits for 2026 week 08

Zoya Vilakazi | Feb. 20, 2026, 1:23 p.m.

Cybersecurity News:

Microsoft signals breakthrough in data storage that can last for generations [Sinisa Markovic, Help Net Security]

Starkiller: New ‘Commercial-Grade’ Phishing Kit Bypasses MFA [Danny Palmer, Infosecurity Magazine]

Telegram channels expose rapid weaponization of SmarterMail flaws [Flare, Bleeping Computer]

OpenAI Launches EVMbench to Detect, Patch, and Exploit Vulnerabilities in Blockchain Environments [Guru Baran, Cyber Security News]

Vulnerabilities & Patches:

Critical Grandstream VoIP Bug Highlights SMB Security Blind Spot [Jai Vijayan, Dark Reading]

Flaws in Popular Software Development App Extensions Allow Data Exfiltration [Kevin Poireault, Infosecurity Magazine]

Update Chrome now: Zero-day bug allows code execution via malicious webpages [Pieter Arntz, Malwarebytes]

Supply Chain Attack Embeds Malware in Android Devices [Jai Vijayan, Dark Reading]

Windows 11 KB5077181 fixes boot failures linked to failed updates [Lawrence Abrams, Bleeping Computer]

Google patches Chrome zero-day as in-the-wild exploits surface [Carly Page, The Register]

Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware [Ravie Lakshmanan, The Hacker News]

Malware and Threats:

Hackers target Microsoft Entra accounts in device code vishing attacks [Bill Toulas, Bleeping Computer]

Advanced Crypto Mining Malware Spreads Through External Drives and Air-Gapped Systems [Tushar Subhra Dutta, Cyber Security News]

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging [Ravie Lakshmanan, The Hacker News]

First Android Malware Weaponizes Gemini AI to Evade Detection, Maintain Persistence [Mihir Bagwe, The Cyber Express]

Hackers Hide Malware in Emoji-Based Code to Bypass Security Defenses [Mayura Kathir, GB Hackers]

Attacks and Breaches:

Data breach at fintech firm Figure affects nearly 1 million accounts [Sergiu Gatlan, Bleeping Computer]