ChatGPT and Codex flaws patched Feb 2026 exposed DNS exfiltration and GitHub tokens, raising enterprise AI security risks.

Authentication Failures (A07) show the largest gap in the dataset: a 48-percentage-point difference between leaders and the field. Leaders fix at nearly 60%, while the field sits at roughly 12%.

Active exploits, nation-state campaigns, fresh arrests, and critical CVEs — this week's cybersecurity recap has it all.

Russian CTRL toolkit spread via malicious LNK files in February 2026, routing C2 through FRP-tunneled RDP to evade detection.

Three China-linked clusters targeted a Southeast Asian government in 2025, deploying multiple malware families to secure persistent access.

M secrets leaked in 2025, up 34% YoY, driven by AI growth and poor remediation, expanding enterprise attack surfaces.

AI-driven development accelerated credential sprawl in 2025, with 28.65M secrets detected, expanding attack surface and remediation strain.

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

Coruna reuses Triangulation kernel exploits targeting iOS 13–17.2.1 devices, expanding attacks into mass exploitation ...

Behavior-first triage with unified cross-platform analysis cuts workload 20% and MTTR by 21 minutes, accelerating SOC response.

Three LangChain flaws enable data theft across LLM apps, affecting millions of deployments, exposing secrets and files.

Lack of foundational cybersecurity context weakens risk prioritization, causing misaligned tools and slower incident response ...