Cyber Brief 26-03 - February 2026

This Cyber Brief (February 2026) synthesises 303 open-source reports describing a wide range of high-impact activity: state-linked cyberespionage campaigns (APT28, China-linked groups, UNC2814/UNC6201), active exploitation of multiple CVEs and zero-days (including Dell RecoverPoint and Microsoft Office exploit CVE-2026-21509), supply-chain compromises (Notepad++ infrastructure, npm worm, OpenClaw/ClawHavoc), large-scale cybercrime targeting AI ecosystems and developers (malicious Chrome AI extensions, Next.js repos), resurgent infostealer campaigns (LummaStealer/CastleLoader), significant data breaches (Odido, FOCOBA, Substack), ransomware incidents (Qilin), and disruptive operations (DDoS against Deutsche Bahn).