Threat Level: ELEVATED
ITsec This Week
ACTION REQUIRED: Apple Zero-Day (CVE-2026-20700)
Apple released an emergency patch for CVE-2026-20700, a zero-day actively exploited in the wild against macOS, iOS, and other Apple platforms. The flaw is a memory corruption issue in the Dynamic Link Editor (dyld) that allows arbitrary code execution. Discovered by Google’s Threat Analysis Group, it appears to be part of a targeted exploit chain against specific iPhones. Update all Apple devices immediately.
Microsoft Patches Six Critical Zero-Days
Microsoft released patches for six critical zero-day vulnerabilities affecting Windows and Office. Like the Apple flaw, these are being actively exploited. If you run Windows anywhere in your environment, prioritize these updates.
Ivanti EPMM Under Automated Siege
Two critical vulnerabilities in Ivanti Endpoint Manager Mobile (CVE-2026-21962, CVE-2026-24061) are being hammered by a single threat actor responsible for 83% of all exploitation attempts. The attacks are fully automated, rotating between 300 user agents, with a spike of 269 exploitation sessions on February 8th alone. Ivanti has released hotfixes but comprehensive patches remain pending.
Ransomware: 2,000 Attacks in Three Months
Ransomware surged 52% in early 2025. The IT sector saw nearly 750 incidents, more than double last year. Qilin and Cl0p are the most active groups. Supply chain breaches have nearly doubled. The food and agriculture sector also saw significant increases.
Google: State Hackers Weaponizing Gemini AI
Google warns that state-backed hackers from Russia and China are using Gemini to accelerate cyberattacks, assisting with target research, coding, and debugging. Google has disabled abuse accounts and added new protections.
Microsoft BYOVD Problem Has No Easy Fix
Threat actors are exploiting security gaps to weaponize legitimate Windows drivers and terminate security processes. The “bring your own vulnerable driver” technique is growing, and Microsoft is under pressure to find solutions.
Breach Roundup
- Figure (Fintech): Hackers downloaded files after compromising an employee account. ShinyHunters claimed responsibility.
- McLaren Health Care: $14M class-action settlement over two data breaches (2023–2024) that exposed patient data.
- Coupang (South Korea): Massive data leak attributed to management failures, not a sophisticated attack. Officials urged the e-commerce giant to fix security fundamentals.
- York City: Former mayor confirmed the city’s insurance company paid a $500K ransom to overseas hackers after a ransomware attack crippled municipal systems.
World Watch
U.S. Deploying Second Carrier to Middle East: Weeks-Long Iran Operations Planned
The story of the week. The Pentagon is sending the USS Gerald R. Ford carrier strike group to join the Abraham Lincoln in the Middle East, along with thousands of additional troops, fighter aircraft, and guided-missile destroyers. U.S. officials confirmed preparations for “potentially weeks-long operations” against Iran if President Trump orders an attack. Experts warn this would far exceed previous strikes on Iranian nuclear sites. Iran’s military was already degraded by a 12-day war with Israel but retains significant capabilities. Nuclear talks remain stalled.
Ukraine Drones Strike 1,100 Miles Into Russia
Ukraine carried out one of its deepest strikes ever, with drones reaching nearly 1,100 miles into Russian territory. Russia responded with hundreds of missiles and drones targeting Ukrainian cities. Drone strikes killed civilians in both Odesa and Bryansk ahead of U.S.-brokered peace talks scheduled for next week in Geneva. Zelensky has agreed to hold elections if Trump can push Putin toward a ceasefire. Meanwhile, Estonia’s intelligence assessment reveals Russia is rebuilding its military for long-term conflict despite massive losses, shifting to mass production.
Gaza: 586 Dead Since Ceasefire Began
Israeli strikes continue despite the October ceasefire, bringing the cumulative death toll to over 72,000. Palestinians are returning through the Rafah crossing: 172 have re-entered since February 2, describing humiliating searches by Israeli military. An Israeli drone strike killed two cyclists near the ceasefire line. Amid the destruction, Palestinians are working to salvage cultural heritage: at least 150 historical sites were damaged or destroyed, and a new grassroots radio station, “Here Gaza,” has launched as a voice for the people.
Sudan: International Coalition Condemns Ramadan Violence
The “Quintet” (AU, IGAD, Arab League, EU, and UN) condemned ongoing military operations in Sudan, demanding an immediate halt to hostilities in Kordofan and Blue Nile State. Since the civil war began in April 2023, over 150,000 people have been killed and millions displaced. Large parts of the country face famine-like conditions.
Myanmar: “The World Is Ignoring Us”
The leader of Myanmar’s Restoration Council of Shan State accused the international community of ignoring the junta’s escalating airstrikes on civilians. Over 1,000 civilian locations have been hit in 15 months, with at least 1,728 civilians killed since late 2024. Only China has intervened; the rest of the world remains largely silent.
Quick Hits
- FIFA Controversy: President Infantino drew outrage from Ukrainian soccer officials for remarks seen as dismissive of the ongoing war.
- British Fighters in Gaza: At least 2,000 British nationals served in the Israeli military during the Gaza war, per research findings.
- Somaliland: Israel (first UN member to recognize it) and the UAE are jockeying for influence in the strategically located Horn of Africa territory.
- Kenyan Losses: Symbolic funerals held for Kenyans killed while serving with Russian military forces.
Week in Numbers
- 2 US carriers now in Middle East
- 1,100 miles: Ukraine’s deepest drone strike
- 72,037 cumulative Gaza death toll
- 2,000+ ransomware attacks in Q1
- 83% of Ivanti attacks from a single actor
- 52% ransomware surge year-over-year
What to Watch Next Week
- U.S.–Iran: Ford carrier arrival timeline and any direct diplomatic contact
- Geneva peace talks on Ukraine: first real test of Trump’s mediation push
- Apple/Microsoft patch adoption rates and exploitation activity
- Ivanti EPMM: comprehensive patches expected (hotfixes are interim)
- Sudan Ramadan truce β will warring parties comply?
FTRCRP | Future Trust & Responsible Computing Practice | Curated by HAL & SCR1B3 · Reviewed by Mr0