Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

Update: Arctic Wolf Observes Threat Campaign Targeting BeyondTrust Remote Support Following CVE-2026-1731 PoC Availability

Feb 13, 2026 By Andres Ramos In Arctic Wolf
Since our previous security bulletin, Arctic Wolf has observed malicious activities in the wild tied to suspected exploitation of CVE-2026-1731 of self-hosted BeyondTrust Remote Support and Privileged Remote Access deployments. We are sharing threat intelligence related to this activity to help defenders protect against this campaign. CVE-2026-1731 allows unauthenticated remote threat actors to execute operating system commands in the context of the site user via specially crafted requests.
Read Post
Arctic Wolf

From Operations to Policy: Contributing to the Global Fight Against Ransomware

Feb 12, 2026 By Ismael Valenzuela In Arctic Wolf
Today, the government of Canada issued a statement announcing that Arctic Wolf will continue to co-chair the Counter Ransomware Initiative Public-Private Sector Advisory Panel in 2026, alongside Public Safety Canada and BlackBerry. The panel will also include member organizations such as Ensign InfoSecurity, the Institute for Security and Technology, Microsoft, Palo Alto Networks, and the Royal United Service Institute.
Read Post
Arctic Wolf

CVE-2026-21643: Critical SQL Injection in FortiClientEMS

Feb 9, 2026 By Julian Tuin In Arctic Wolf
On February 6, 2026, Fortinet released fixes for a critical vulnerability in FortiClientEMS, tracked as CVE-2026-21643. The flaw arises from improper neutralization of special elements used in SQL commands in the FortiClientEMS GUI (web interface) that can allow an unauthenticated remote threat actor to execute unauthorized code or commands.
Read Post
Arctic Wolf

CVE-2026-1731: Unauthenticated OS Command Injection Vulnerability in BeyondTrust Remote Support and Privileged Remote Access

Feb 9, 2026 By Andres Ramos In Arctic Wolf
On February 6, 2026, BeyondTrust released fixes for a critical vulnerability affecting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA), tracked as CVE‑2026‑1731. This vulnerability allows unauthenticated remote threat actors to execute operating system commands in the context of the site user via specially crafted requests.
Read Post

What Are Insider Threats?

Feb 5, 2026 By Arctic Wolf Networks In Arctic Wolf
Cybersecurity isn’t only about defending against external attackers. Some of the most damaging risks come from within an organization. These are known as insider threats. An insider threat occurs when someone with authorized access—whether intentionally malicious or simply negligent—compromises systems, exposes data, or undermines security controls. This can result in data breaches, financial loss, regulatory issues, and long‑term reputational damage.
View Video

What Is Phishing?

Feb 5, 2026 By Arctic Wolf Networks In Arctic Wolf
Phishing remains one of the most widespread and damaging cyber threats facing organizations today. Attackers craft deceptive messages designed to trick users into revealing credentials, financial information, or installing malware. To make matters worse, the tactics continue to evolve. Originating in the mid‑1990s, phishing has grown into a sophisticated weapon. Modern attackers now use AI, social media intelligence, and high‑quality impersonation techniques to create convincing campaigns that are harder than ever to detect.
View Video
Arctic Wolf

Notepad++ Publishes Full Details of 2025 Compromise

Feb 3, 2026 By Andres Ramos In Arctic Wolf
On February 2, 2026, the Notepad++ open source project disclosed new details about a supply chain compromise that impacted its update delivery infrastructure between June and December 2025. The attack was attributed to state-sponsored threat actors with links to China. In this campaign, the threat actors had gained access to a third-party hosting provider used by Notepad++ to distribute updates.
Read Post
Arctic Wolf

The Role of Artificial Intelligence in Zero Trust Cybersecurity Frameworks

Feb 3, 2026 By Arctic Wolf In Arctic Wolf
Artificial intelligence (AI) is no longer an experimental capability in cybersecurity; it is foundational to modern security operations. Organizations are operating in environments defined by cloud-first infrastructure, remote and hybrid workforces, SaaS sprawl, and identity-centric attack patterns. At the same time, threat actors increasingly rely on automation and AI to accelerate reconnaissance, credential abuse, and post-compromise activity.
Read Post
Arctic Wolf

CVE-2026-1281 and CVE-2026-1340: Unauthenticated RCE Zero-Day Vulnerabilities in Ivanti Endpoint Manager Mobile

Jan 30, 2026 By Andres Ramos In Arctic Wolf
On January 29, 2026, Ivanti released fixes for two critical zero-day code injection vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). The vulnerabilities, tracked as CVE-2026-1281 and CVE-2026-1340, impact the In-House Application Distribution and Android File Transfer Configuration features and allow unauthenticated remote threat actors to achieve remote code execution.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.