Weekly IT Security Recap
Cybersecurity news rarely follows a straight path. This week’s highlights include sharp turns in the form of exploited vulnerabilities, malware campaigns, and security breaches.
Threat of the Week: Dell RecoverPoint for VMs Zero-Day Exploited
A critical vulnerability (CVE-2026-22769) in Dell’s RecoverPoint for Virtual Machines has been exploited by a threat cluster dubbed UNC6201 since mid-2024. The flaw, rated CVSS 10.0, involves hard-coded credentials that could be used to upload malicious web shells and execute commands as root.
Top News
Former Google Engineers Indicted for Trade Secret Theft: Two former Google employees and a third party have been indicted in the U.S. for allegedly stealing trade secrets from Google and other tech firms, transferring sensitive files to unauthorized locations including Iran.
PromptSpy Android Malware Uses AI for Persistence: ESET researchers discovered PromptSpy, an Android malware that leverages generative AI (Google Gemini) to set up persistence on the device. This campaign is likely targeting users in Argentina.
New Malware and Vulnerabilities
Keenadu: Pre-Installed Android Backdoor: Kaspersky reported a new backdoor, Keenadu, embedded deep in device firmware to harvest data and control the device remotely. It can infect other apps and run with high privileges.
Trending CVEs
- CVE-2026-22769 (Dell RecoverPoint for Virtual Machines)
- CVE-2026-25926 (Notepad++)
- CVE-2026-26119 (Microsoft Windows Admin Center)
The list also includes vulnerabilities in Grandstream GXP1600 series, Live Server, Airleader Master, and others.
Original article: https://thehackernews.com/2026/02/weekly-recap-double-tap-skimmers.html
