Cyware Weekly Threat Intelligence, February 23–27, 2026
The Good
The cybersecurity world is seeing a powerful surge of momentum as NIST establishes critical security and interoperability standards for AI agents through its new RFI and identity protocols. This regulatory push is bolstered by a White House initiative to export a secure "American AI stack" to global partners, effectively countering foreign influence while accelerating domestic deployment. Rounding out these defenses, the UK government has launched a rapid Vulnerability Monitoring Service and a dedicated Cyber Profession to drastically shorten response times and bridge the specialized talent gap.
NIST launched the "AI Agent Standards Initiative" to develop standards and protocols for AI agents. The initiative focuses on improving security, interoperability, and public trust in AI agents. A request for information (RFI) on AI agent security has been issued, with responses due by March 9. NIST's National Cybersecurity Center of Excellence released a draft paper on AI agent identity and authorization, with feedback due April 2.
The White House launched initiatives to operationalize its AI action plan, including export-ready "American AI stack" packages and a U.S. Tech Corps. The initiatives aim to accelerate domestic AI deployment, expand American technology exports, and counter foreign influence over global technical standards. The American AI Exports Program packages U.S. hardware, cloud infrastructure, models, and cybersecurity controls for partner countries.
The UK government has launched a new Vulnerability Monitoring Service (VMS) and a dedicated Cyber Profession to enhance cyber resilience and protect public services. The VMS detects and resolves cyber vulnerabilities six times faster, while the Cyber Profession aims to attract and train skilled professionals to safeguard critical public services.
The Bad
This week, Agent Tesla re-emerged with phishing-led delivery, using obfuscated scripts, encrypted payloads, process hollowing, and anti-analysis checks to stealthily steal credentials via SMTP exfiltration. Researchers also exposed ResidentBat, a Belarus-linked Android spyware requiring physical access for installation and enabling deep surveillance and remote data wiping. Meanwhile, attackers continue exploiting legacy WebDAV in Windows File Explorer to deliver multi-stage campaigns that drop RATs such as XWorm, AsyncRAT, and DcRAT.
Agent Tesla uses a phishing-led infection chain involving obfuscated scripts and encrypted payloads to bypass security filters. The malware employs process hollowing to inject malicious code into legitimate Windows processes, ensuring stealthy execution. Anti-analysis techniques, such as virtualization probing and security software detection, help the malware evade detection. Agent Tesla harvests sensitive data, including credentials and browser cookies, exfiltrating them via SMTP to a command-and-control server.
ResidentBat is an Android spyware used by the Belarusian KGB for targeted surveillance of journalists and civil society, discovered in December 2025. It requires physical access for installation and provides extensive surveillance capabilities. The spyware enables operators to access SMS, call logs, encrypted messenger traffic, microphone recordings, screen captures, and device files. It also allows remote device control, including data wiping. ResidentBat’s installation involves ADB sideloading, disabling Google Play Protect, and manual permission granting, making it highly targeted but limited in scale.
Threat actors exploit Windows File Explorer's support for WebDAV, a legacy HTTP-based file management protocol, to trick victims into downloading malware. WebDAV, though deprecated in November 2023, is rarely used today, making it an obscure and exploitable attack vector. Campaigns using WebDAV for malware delivery have been active since February 2024 and often involve complex chains of payloads and legitimate files. 87% of all Active Threat Reports (ATRs) using this tactic deliver multiple Remote Access Trojans (RATs) as final payloads, including XWorm RAT, Async RAT, and DcRAT.
The Lazarus Group, a North Korean state-sponsored threat actor, has partnered with Medusa ransomware for recent attacks. Medusa ransomware transitioned to a ransomware-as-a-service (RaaS) model in 2024, aligning with Lazarus's history of extortion and financially motivated cybercrime. The Middle Eastern target was a large business, attacked purely for financial gains, not strategic or intellectual property reasons. Lazarus used additional malware, including Comebacker backdoor, Blindingcan RAT, and Infohook infostealer, in the attacks. The group employs tactics like "bring-your-own-vulnerable-driver" (BYOVD) to bypass security defenses.
In a recent cyberattack, threat actors exploited a vulnerability (CVE-2023-46604) in an Apache ActiveMQ server to gain initial access to an organization's network. Despite being evicted after the first breach, they returned 18 days later and successfully re-compromised the system. Using Remote Desktop Protocol (RDP) and credentials obtained during the first attack, they deployed LockBit ransomware, encrypting files across multiple systems. The attackers utilized tools like Metasploit, AnyDesk, and Windows CertUtil to escalate privileges, move laterally within the network, and achieve persistence.
GrayCharlie, a cybercriminal group active since mid-2023, has been targeting WordPress websites to spread the NetSupport RAT and steal sensitive data. Their methods include fake browser update prompts and ClickFix pop-ups to trick users into downloading malicious software. The malware enables attackers to gain full control of victims' systems, steal credentials, and bypass Multi-Factor Authentication (MFA) protections. The group uses compromised websites and staging infrastructure for deploying malware, with command-and-control servers hosted by providers like MivoCloud and HZ Hosting Ltd.
Arkanix Stealer was promoted on dark web forums as an AI-assisted malware experiment with modular features and anti-analysis capabilities. The project offered two tiers: a basic Python-based version and a premium C++ version with advanced functionalities like AV evasion and RDP credential theft. It targeted browser data, cryptocurrency wallets, VPN credentials, Telegram, Discord, and gaming platforms such as Epic Games and Battle.net. The operation was abruptly shut down after two months, and researchers believe it was likely a quick financial gain experiment to test AI-assisted malware development.
FortiGuard Labs identified targeted phishing campaigns in Taiwan exploiting local business processes to distribute Winos 4.0 (ValleyRat) malware. Attackers use tax-themed phishing emails with malicious LNK files, DLL sideloading, and BYOVD techniques to deliver malware. Campaign 1 involves using tax-themed lures with RAR archives containing malicious LNK files to initiate a multi-stage infection chain. Campaign 2 uses phishing emails with forged Ministry of Finance documents and e-invoice links to distribute malware via DLL sideloading.
CISA warns about two actively exploited vulnerabilities in RoundCube Webmail, including CVE-2025-49113 (RCE, CVSS 9.9) and CVE-2025-68461 (XSS, CVSS 7.2). CVE-2025-49113, introduced over a decade ago, allows attackers to inject data into a session and was patched on June 1, 2025. CVE-2025-68461, patched in December 2025, exploited improper sanitization of animate tags in SVG documents, enabling code execution in browser sessions. CISA requires federal agencies to patch these vulnerabilities within three weeks as part of its Binding Operational Directive (BOD) 22-01.
New Threats
Researchers uncovered Moonrise, a Golang-based Windows backdoor leveraging hard-coded, unencrypted WebSocket C2 channels for persistent surveillance, remote control, and crypto theft. Juniper Networks disclosed a critical RCE flaw (CVE-2026-21902) in its PTX Series running Junos OS Evolved that enables root-level compromise, with patches now released. Meanwhile, the Dohdoor campaign, linked to UAT-10027, is targeting U.S. education and healthcare entities using DoH-based C2, DLL sideloading, and EDR evasion, with overlaps noted by Cisco Talos to Lazarus-aligned tradecraft.
Moonrise is a newly documented Windows malware discovered in February 2026 by ANYRUN, designed for live surveillance, remote control, and cryptocurrency-related theft. The malware uses a WebSocket-based command-and-control (C2) architecture, favoring persistent connections over periodic HTTP polling. The C2 endpoint is hard-coded into the malware, using an unencrypted WebSocket channel (ws://), which allows easier detection but reduces stealth. Moonrise is built using Golang (Go 1.18) and is designed to operate as a lightweight yet operationally dangerous tool, with no significant obfuscation or packing layers.
A critical flaw in Juniper Networks PTX Series routers allows remote code execution with root privileges due to incorrect permission assignment. The vulnerability, CVE-2026-21902, affects Junos OS Evolved versions before 25.4R1-S1-EVO and 25.4R2-EVO, but fixes are now available. Juniper advises restricting access to vulnerable endpoints or disabling the service if immediate patching is not possible. Juniper products have historically been targeted by cyberattacks, including malware campaigns and botnet attacks.
A new malware campaign named Dohdoor, attributed to the threat actor UAT-10027, targets the education and healthcare sectors in the United States. The campaign utilizes advanced techniques such as DNS-over-HTTPS (DoH) for command-and-control (C2) communication, DLL sideloading, process hollowing, and endpoint detection and response (EDR) bypass. Cisco Talos has identified technical overlaps between this campaign and North Korean APT groups like Lazarus, although the victim profile differs from their typical targets.
ServiceNow identified CVE-2026-0542, a critical vulnerability in its AI Platform, enabling remote code execution without authentication. The vulnerability could expose sensitive workflow data, automation logic, and enterprise integrations. No active exploitation of the vulnerability has been detected as of February 25, 2026. ServiceNow released patches to address the issue, with updates available for both hosted and self-hosted customers. Organizations using ServiceNow are advised to apply the patches promptly, especially for internet-accessible systems.
Critical vulnerabilities have been discovered in VMware Aria Operations, VMware Cloud Foundation, and VMware Telco Cloud infrastructure. Among these, the most severe is CVE-2026-22719, a command injection flaw that allows unauthenticated attackers to execute remote code during system migrations. Additionally, CVE-2026-22721 enables privilege escalation, and CVE-2026-22720 is a stored Cross-Site Scripting (XSS) vulnerability. Broadcom has released patches to address these issues, though some vulnerabilities lack workarounds, making immediate patching essential.
Four critical RCE vulnerabilities in SolarWinds Serv-U were disclosed, including Broken Access Control, Type Confusion, and Insecure Direct Object Reference (IDOR). CVE-2025-40538, a Broken Access Control vulnerability, allows attackers to escalate privileges to create system admin users and execute arbitrary code as root. CVE-2025-40539 and CVE-2025-40540 are Type Confusion vulnerabilities that exploit memory safety issues for root-level code execution. CVE-2025-40541, an IDOR vulnerability, escalates to RCE as root, making it a critical threat. SolarWinds has released a patch (Serv-U 15.5.4) to address these flaws, and administrators are urged to apply the update immediately.
Starkiller is a phishing framework that uses headless browsers and reverse proxies to simulate real login pages, bypassing MFA. Traditional phishing kits are prone to detection due to static HTML clones, but Starkiller avoids this by serving live content from the legitimate site. Starkiller operates as a commercial-grade SaaS platform, complicating efforts to block or fingerprint its infrastructure.