# Today's Top Stories

A Russian-speaking threat actor leveraged commercial AI services to compromise over 600 FortiGate devices across 55 countries between January 11 and February 18, 2026. Amazon Threat Intelligence tracked this financially motivated campaign, demonstrating how cybercriminals are integrating generative AI tools into large-scale infrastructure attacks targeting enterprise firewalls.

Amazon warned that a Russian-speaking hacker used multiple generative AI services to breach more than 600 FortiGate firewalls across 55 countries in just five weeks. This campaign represents a significant escalation in AI-assisted cyberattacks, with threat actors weaponizing commercial AI tools to automate and scale network infrastructure compromises.

CVE-2026-2329, a critical vulnerability in Grandstream phones, allows unauthenticated remote code execution with root privileges and exposes calls to interception. This flaw poses significant risks to enterprise VoIP communications, as attackers can gain full system control and eavesdrop on sensitive conversations without any authentication requirements.

CISA added two actively exploited Roundcube webmail vulnerabilities to its KEV catalog on Friday: CVE-2025-49113 (CVSS 9.9) for deserialization of untrusted data allowing remote code execution, and another unspecified flaw. Organizations using Roundcube must prioritize patching as these vulnerabilities are being exploited in the wild by threat actors.

Intellexa's Predator spyware can hook iOS SpringBoard to hide recording indicators while secretly streaming camera and microphone feeds to operators. This advanced evasion technique allows the commercial spyware to bypass Apple's privacy protections, enabling covert surveillance on iOS devices without alerting users to active recording sessions.

Arkanix Stealer, an information-stealing malware promoted on dark web forums in late 2025, was likely developed as an AI-assisted experiment. This short-lived operation demonstrates how cybercriminals are experimenting with AI tools for malware development, potentially lowering barriers to entry for less skilled threat actors.

Anthropic launched Claude Code Security, a limited research preview feature for Enterprise and Team customers that scans codebases for vulnerabilities and suggests targeted patches. This AI-powered vulnerability scanning capability represents a significant advancement in automated security testing, potentially accelerating the identification and remediation of code-level security flaws.

EC-Council launched its Enterprise AI Credential Suite with four new AI certifications and Certified CISO v4, addressing $5.5 trillion in global AI risk exposure and the need to reskill 700,000 U.S. workers. These certifications aim to bridge the gap between rapid AI adoption and cybersecurity workforce readiness in enterprise environments.

A major government research lab, apparently NIST, revoked after-hours access for "noncitizens" last month, suggesting policy changes affecting foreign scientists at critical U.S. research facilities. This development could impact international collaboration on cybersecurity research and standards development at one of America's key technology institutions.

A study examined how rocket launches pollute the atmosphere, raising questions about whether the global atmospheric commons will become an industrial waste dumping ground. While not directly cybersecurity-related, this research could inform environmental impact assessments for space-based cybersecurity infrastructure and satellite communications systems.