// LIVE
INTEL Critical Citrix NetScaler memory flaw actively exploited in attacks
INTEL Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTEL Storm Brews Over Critical, No-Click Telegram Flaw
INTEL FTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTEL TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTEL Healthcare IT Platform CareCloud Probing Potential Data Breach
INTEL Security updates for Monday
INTEL 'When intelligence and trust move together, AI stops being an experiment and sta
INTEL Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTEL Disclosure of Replay Attack Vulnerability in Signed References
INTEL Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTEL Telnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVE ZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVE ZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi

OPS INTEL

266 items · ARIA-monitored · page 52 of 54
CRITICAL (page) 1
HIGH (page) 4
MEDIUM (page) 0
LOW (page) 0
HIGH 85% confidence cve

CISA Adds One Known Exploited Vulnerability to Catalog

CISA adds CVE-2026-1731 to its KEV catalog due to active exploitation. BeyondTrust Remote Support and Privileged Remote Access OS Command Injection.

The addition of a new entry in the KEV catalog requires immediate attention due to potential risks from active exploitation. BeyondTrust's RS and PRA have an OS Command Injection vulnerability that can be exploited

FCEB agencies, All organizations
action items (2)
  • Review system configurations and assess exposure to CVE-2026-1731.
  • Implement necessary security measures and monitor for any signs of exploitation.

CISA Current Activity

HIGH 90% confidence advisory

AI-Powered Defense for Serverless Security

Discover how AI can strengthen your serverless security with a defense-in-depth architecture. Learn about the latest in AI-driven security measures for.

Cyber threats evolve using AI, necessitating advanced defense strategies for serverless microservices. Traditional perimeter-based security is inadequate against modern AI-driven attacks.

Enterprise customers, Serverless microservices
action items (2)
  • Review current security measures for AI-assisted threats
  • Integrate AI tools to enhance threat detection capabilities

AWS Security Blog

HIGH 90% confidence outage

Fake Incident Report Phishing Campaign

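Operators beware: fake incident reports are being used in phishing attacks; stay alert to prevent information disclosure. An interesting phishing email arrived this morning: a fake incident report used to lure recipients into clicking. Includes severity, confidence, and actionable response guidance for operators.

This attack exploits operators' habitual reaction to security incident notifications in their daily work, inducing them to act quickly without careful review, which can lead to data leaks or system compromise.

IT administrators, Network security personnel
action items (2)
  • Raise security awareness and learn to recognize phishing attack patterns
  • Share this information with the team and conduct training

SANS ISC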

HIGH 95% confidence outage

CISA Adds Four New Known Exploited Vulnerabilities to Catalog

CISA adds four new vulnerabilities to the Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation. These include.

The vulnerabilities listed in the KEV Catalog represent significant risks to organizations as they are actively being exploited by malicious cyber actors. CISA updates its catalog regularly based on new evidence of

Microsoft Windows, Synacor Zimbra Collaboration Suite (ZCS), TeamT5 ThreatSonar Anti-Ransomware Solution, Google Chromium
action items (3)
  • Review CISA's KEV Catalog regularly and prioritize remediation based on severity and applicability.
  • Ensure compliance with BOD 22-01 for Federal Civilian Executive Branch (FCEB) agencies, if applicable.
  • Develop a comprehensive strategy to address known exploited vulnerabilities in your environment.

CISA Current Activity

CRITICAL 95% confidence outage

China-linked Attackers Exploit Dell Zero-Day Since Mid-2024

Chinese attackers have been exploiting a severe hardcoded credential bug in Dell's RecoverPoint for Virtual Machines as a zero-day since mid-2024, deploying.

To establish long-term persistence on compromised systems

Dell RecoverPoint for Virtual Machines users
action items (2)
  • Update systems to the latest firmware and software versions
  • Conduct a thorough security audit of affected devices

The Register