Exploitation of CVE-2026-1281 and CVE-2026-1340 is “widespread and mostly automated,” according to Unit 42 researchers.
The hardcoded credential vulnerability (CVE-2026-22769) exists in Dell RecoverPoint for Virtual Machines and has been exploited since mid-2024.
Read More Chinese Actors Exploited Dell RecoverPoint for VMs Flaw Since 2024
That vulnerability also was patched in macOS, but the active exploitation that Apple disclosed was against iOS only.
The exploited vulnerabilities in question exist across various products, from Microsoft Word to Windows Shell.
Read More Microsoft Fixes Six Exploited Bugs in February Patch Tuesday Updates
UNC3886 is a Chinese espionage group known for targeting defense, tech, and telecom organizations across both the U.S. and Asia-Pacific-Japan regions.
Read More Singapore Says China-Linked Threat Actors Targeted Telecom Sector
CISA said potential exploitation of flaws in unsupported edge devices creates “a significant threat to federal property.”
Read More US Gov Directive Cracks Down on Unsupported Edge Devices
The SystemBC botnet malware has become a critical component in the modern threat landscape, often preceding a full-scale ransomware deployment.
Read More New SystemBC Botnet Activity Targets Systems Worldwide
