Infosec bits for 2026 week 07

Heloise Meyer | Feb. 13, 2026, 11:37 a.m.

Cybersecurity News:

Shai-hulud: The Hidden Costs of Supply Chain Attacks [Alexander Culafi, Dark Reading]

More than 135,000 OpenClaw instances exposed to internet in latest vibe-coded disaster [Brandon Vigliarolo, The Register]

New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix [Kevin Poireault, Infosecurity Magazine]

Microsoft: New Windows LNK spoofing issues aren't vulnerabilities [Sergiu Gatlan, Bleeping Computer]

Vulnerabilities & Patches:

Critical Fortinet FortiClientEMS flaw allows remote code execution [Pierluigi Paganini, Security Affairs]

BeyondTrust warns of critical RCE flaw in remote support software [Sergiu Gatlan, Bleeping Computer]

SAP Patches Critical CRM, S/4HANA, NetWeaver Vulnerabilities [Ionut Arghire, Security Week]

Microsoft's Valentine's gift to admins: 6 exploited zero-day fixes [Jessica Lyons, The Register]

800,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in WPvivid Backup WordPress Plugin [István Márton, Wordfence]

Data Breaches & Exposures:

Flickr Security Incident Tied to Third-Party Email System [Eduard Kovacs, SecurityWeek]

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks [Pierluigi Paganini, Security Affairs]

Cyberattacks:

New Linux botnet SSHStalker uses old-school IRC for C2 comms [Bill Toulas, Bleeping Computer]

AI/LLM-Generated Malware Used to Exploit React2Shel [Darktrace, Darktrace]

Nation-State Actors Exploit Notepad++ Supply Chain [Unit 42, Unit 42]

Fake AI Chrome extensions with 300K users steal credentials, emails [Bill Toulas, Bleeping Computer]

Tooling:

OpenClaw Scanner: Open-source tool detects autonomous AI agents [Mirko Zorz, Help Net Security]