Microsoft and Adobe Patch Tuesday, February 2026 Security Update Review

Microsoft's February 2026 Patch Tuesday focuses on closing security gaps that attackers could exploit, reinforcing the importance of timely patching in enterprise environments. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for February 2026 This month's release...

PT-2026-7353

Name of the Vulnerable Software and Affected Versions Windows NTLM affected versions not specified Description A flaw exists in Windows NTLM that permits external control of file names or paths, potentially enabling a local attacker to perform spoofing. This issue allows attackers to affect the...

CVE-2026-22444 Apache Solr: Insufficient file-access checking in standalone core-creation requests

The "create core" API of Apache Solr 8.6 through 9.10.0 lacks sufficient input validation on some API parameters, which can cause Solr to check the existence of and attempt to read file-system paths that should be disallowed by Solr's "allowPaths" security setting...

CVE-2026-20925

CVE-2026-20925 affects Windows NTLM and is described as an external control of the file name or path that enables spoofing (pretend to be another user) over a network. The vulnerability is assigned a CVSS v3.1 base score of 6.5 (Medium) with network attack vector and required user interaction. Co...

CVE-2026-20925

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...

PT-2026-2717

CVE-2026-20872 External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. https://t.co/cZpV895UgI...

CVE-2023-50916

Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path. It allows administrators to configure the backup location of the database used by the application. Attempting to change this location to a...

CVE-2025-59284

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally...

CVE-2025-59284

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally...

CVE-2025-59284 Windows NTLM Spoofing Vulnerability

...

EUVD-2020-7768

Malware in sbrugna...

EUVD-2021-18830

Malware in sbrugna...

EUVD-2023-55647

Malicious code in bioql PyPI...

EUVD-2025-2376

Malicious code in bioql PyPI...

EUVD-2022-38643

Malicious code in bioql PyPI...

EUVD-2025-6348

Malicious code in bioql PyPI...

EUVD-2025-2286

Malicious code in bioql PyPI...

CVE-2025-54918

CVE-2025-54918 describes an improper authentication flaw in Windows NTLM that enables a network-authenticated attacker to elevate privileges. The CVSS v3.1 base score is 8.8 (HIGH) with network access, low attack complexity, and privileges required. A PoC exploit exists on GitHub (CVE-2025-54918-...

CVE-2025-54918 Windows NTLM Elevation of Privilege Vulnerability

...

⚡ Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More

Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes — and that's exactly what we saw in last week's activity. Hackers are getting better at hiding inside everyday actions: opening a file, running a project, or logging in like normal. No loud alerts. No obvious red flag...