Phishing remains one of the most effective tools in the cybercriminal arsenal, especially when threat actors abuse the credibility of trusted institutions and familiar digital services to increase victim interaction. In late March 2026, CERT-UA revealed a phishing campaign tracked as UAC-0255 in which attackers impersonated the agency and attempted to infect organizations across Ukraine’s public and private sectors with the AGEWHEEZE RAT.

Detect UAC-0255 Attacks Covered in CERT-UA#21075

Europol notes that phishing remains the main distribution vector for data-stealing malware, reflecting how email- and URL-driven social engineering remains central to malware delivery. The same pattern is visible across the phishing activity CERT-UA has been documenting against Ukraine throughout 2026. 

Earlier this year, CERT-UA reported a UAC-0190 campaign targeting the Ukrainian Armed Forces with the PLUGGYAPE backdoor, and later disclosed UAC-0252 activity in which emails impersonating central executive authorities and regional administrations lured victims into running SHADOWSNIFF and SALATSTEALER payloads. The latest UAC-0255 attack covered in CERT-UA#21075 alert fits the same broader trend, with threat actors now abusing CERT-UA’s own identity to make the lure more convincing and expand targeting across both public and private sector organizations. 

Register for the SOC Prime Platform to proactively detect UAC-0255 and similar attacks at the earliest stages possible. Just press Explore Detections below and access a relevant detection rule stack, enriched with AI-native CTI, mapped to the MITRE ATT&CK® framework, and compatible with multiple SIEM, EDR, and Data Lake technologies.

Explore Detections

Security experts can also use the “CERT-UA#21075” tag based on the relevant CERT-UA alert identifier to search for the detection stack directly and track any content changes. For more rules to detect adversary-related attacks, cyber defenders can search the Threat Detection Marketplace library using the “UAC-0255” tag.

Cybersecurity professionals can also rely on Uncoder AI to analyze threat intelligence in real time, generate Attack Flows, Sigma rules, simulations and validations, design detections in 56 languages, and create custom agentic workflows. Visit https://socprime.ai/ to learn more.

Analyzing UAC-0255 Attacks Impersonating CERT-UA to Deploy AGEWHEEZE

On March 26–27, 2026, CERT-UA identified a phishing campaign in which attackers impersonated the agency and urged recipients to download password-protected archives from the Files.fm service, including “CERT_UA_protection_tool.zip” and “protection_tool.zip.” The archives contained malicious content presented as specialized software to be installed by targeted organizations. 

Malicious emails were distributed broadly across Ukraine and targeted government organizations, medical centers, security firms, educational institutions, financial organizations, software development companies, and other entities, highlighting the campaign’s reach across both public and private sectors.

​​CERT-UA#21075 alert also details the discovery of the fraudulent website cert-ua[.]tech, which reused materials from the official cert.gov.ua website and included instructions for downloading the fake protection tool. This helped the attackers reinforce the legitimacy of the lure and increase the chances of user interaction by abusing trust in Ukraine’s Computer Emergency Response Team.

The executable offered for installation was determined to be a multifunctional remote access malware strain tracked by CERT-UA as AGEWHEEZE. AGEWHEEZE is a Go-based RAT that supports a broad set of remote administration capabilities. In addition to standard functions such as command execution and file management, the malware can stream screen content, emulate mouse and keyboard input, interact with the clipboard, manage processes and services, and open URLs on the compromised host.

The malware’s command-and-control infrastructure was hosted on the network of French provider OVH (AS16276). On port 8443/tcp, researchers observed a web page titled “The Cult” containing an authentication form, while the HTML source included russian-language strings noting about blocked access to the service. CERT-UA also found that the associated self-signed SSL certificate had been created on March 18, 2026, and that the Organization field contained the value “TVisor.”

During a review of the AI-generated cert-ua[.]tech website, CERT-UA found embedded references to the CyberSerp Telegram channel, including the phrase “With Love, CYBER SERP.” On March 28, 2026, the same Telegram channel publicly claimed responsibility for the attack, helping remove uncertainty around the technical attribution. Based on these findings, CERT-UA assigned the activity the identifier UAC-0255.

Despite the breadth of targeting, CERT-UA assessed the attack as unsuccessful. Investigators identified only several infected personal devices belonging to employees of educational institutions, and the response team provided the necessary practical and methodological assistance. 

MITRE ATT&CK Context

Leveraging MITRE ATT&CK offers in-depth insight into the latest UAC-0255 phishing campaign impersonating CERT-UA. The table below displays all relevant Sigma rules mapped to the associated ATT&CK tactics, techniques, and sub-techniques.

The post UAC-0255 Attack Detection: Threat Actors Impersonate CERT-UA to Infect Ukrainian Public and Private Sector Organizations With AGEWHEEZE RAT appeared first on SOC Prime.

Just a little over a month after fixing the actively exploited CVE-2026-20700 zero-day, Apple has now issued its first Background Security Improvements release to address CVE-2026-20643, a WebKit vulnerability that could allow maliciously crafted web content to bypass the Same Origin Policy, one of the browser’s core security boundaries.

The issue in the limelight adds to the constantly rising vulnerability threat. Experts forecast that 2026 will be the first year to surpass 50,000 published CVEs, with a median estimate of 59,427 and a realistic possibility of far higher totals. At the same time, the NIST has already recorded over 13K+ vulnerabilities this year, underscoring the growing scale defenders must monitor.

Sign up for the SOC Prime Platform to access the global marketplace of 800,000+ detection rules and queries made by detection engineers, updated daily, and enriched with AI-native threat intel to proactively defend against emerging threats. 

Just click the Explore Detections below and immediately reach the extensive detection stack filtered out by “CVE” tag. All detections are compatible with dozens of SIEM, EDR, and Data Lake formats and are mapped to MITRE ATT&CK®. 

Explore Detections

Security experts can also leverage Uncoder AI to accelerate detection engineering end-to-end by generating rules directly from live threat reports, refining and validating detection logic, visualizing Attack Flows, converting IOCs into custom hunting queries, and instantly translating detection code across diverse language formats.

CVE-2026-20643 Analysis

CVE-2026-20643 affects WebKit, the browser engine behind Safari and a wide range of Apple web content handling across iPhone, iPad, and Mac. Apple’s advisory says the flaw could allow maliciously crafted web content to bypass the Same Origin Policy because of a cross-origin issue in the Navigation API.

Notably, the Same Origin Policy is one of the web’s foundational protections. It is meant to stop one website from reaching into the data, sessions, or active content of another. When this boundary is breached, a malicious webpage may access data from another site, undermining one of the basic rules browsers rely on to keep web activity separate and private.

The exposure is broader than Safari alone. WebKit powers Safari, many third-party browsers on iOS and iPadOS, and in-app web views across Apple platforms. In practice, that means the vulnerable component is exercised not only when a user browses the web directly, but also when apps load embedded web content. 

Apple has not mentioned that CVE-2026-20643 was exploited in the wild, and its advisory focuses on the technical impact rather than observed attack activity. Still, the issue resides in a high-exposure component that processes untrusted web content constantly. In enterprise environments, a flaw that weakens browser isolation can increase the risk of session abuse, cross-site data access, and follow-on compromise through malicious or compromised web content. 

What makes Apple’s latest release especially notable is how the vendor delivered the fix. Background Security Improvements is designed to ship smaller security patches between full software updates. It is currently available on the latest versions of iOS, iPadOS, and macOS. In the case of CVE-2026-20643, Apple used the new mechanism to push a WebKit fix directly to supported devices instead of waiting for a broader release.

CVE-2026-20643 Mitigation

Apple addressed CVE-2026-20643 through its first Background Security Improvements release for supported iPhone, iPad, and Mac devices. The fix was shipped as the corresponding “(a)” update for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2, with Apple citing improved input validation as the remediation. Security researcher Thomas Espach was credited with reporting the flaw.

Apple says Background Security Improvements are managed from the Privacy & Security menu. Apple recommends keeping Automatically Install enabled so devices receive these fixes between normal software releases.

Notably, if Background Security Improvements are turned off, the device will not receive these protections until they are included in a later software update. Apple also says that removing an installed Background Security Improvement reverts the device to the baseline software version without any applied background security patches. For that reason, the safest path is to leave automatic installation on and avoid removing the update unless a compatibility issue makes it necessary.

Additionally, by leveraging SOC Prime’s AI-Native Detection Intelligence Platform backed by top cyber defense expertise, global organizations can adopt a resilient security posture and transform their SOC to always stay ahead of emerging threats tied to zero-day exploitation.

The post CVE-2026-20643: Vulnerability in WebKit Navigation API May Bypass Same Origin Policy appeared first on SOC Prime.

Chrome zero-days continue to pose a major risk for cyber defenders. Earlier this year, Google patched CVE-2026-2441, the first actively exploited Chrome zero-day of 2026. Now, another emergency update has been released, fixing two more flaws already exploited in the wild, CVE-2026-3910 in Chrome’s V8 JavaScript and WebAssembly engine and CVE-2026-3909, an out-of-bounds write bug in Skia.

Google describes CVE-2026-3910 as an inappropriate implementation issue in Chrome V8. In essence, a crafted HTML page may allow a remote attacker to execute arbitrary code inside the browser sandbox. 

The latest Chrome emergency patch lands against an increasing zero-day threat. Google Threat Intelligence Group tracked 90 zero-days exploited in the wild in 2025, up from 78 in 2024, and found that enterprise technologies accounted for 43 cases, or a record 48% of observed exploitation.

Register for SOC Prime’s AI-Native Detection Intelligence Platform, backed by cutting-edge technologies and top cybersecurity expertise to outscale cyber threats and build a resilient cybersecurity posture. Click Explore Detections to access the comprehensive collection of SOC content for vulnerability exploit detection, filtered by the custom “CVE” tag.

Explore Detections

Detections from the dedicated rule set can be applied across 40+ SIEM, EDR, and Data Lake platforms and are mapped to the latest MITRE ATT&CK® framework v18.1. Security teams can also leverage Uncoder AI to accelerate detection engineering end-to-end by generating rules directly from live threat reports, refining and validating detection logic, auto-visualizing Attack Flows, converting IOCs into custom hunting queries, and instantly translating detection code across diverse language formats.

CVE-2026-3910 Analysis 

According to Google’s security advisory, CVE-2026-3910 is a high-severity vulnerability in V8, the JavaScript and WebAssembly engine used by Chrome. It can be triggered through a crafted HTML page and may allow arbitrary code execution inside the browser sandbox. Because V8 processes active content during normal browsing, exploitation can begin with something as simple as visiting a malicious or compromised website.

The risk is substantial because Chrome is deeply embedded in daily enterprise work. An actively exploited V8 flaw can turn ordinary browsing into a path for credential theft, malicious code delivery, or broader compromise, especially when combined with other bugs or phishing.

Google has confirmed that CVE-2026-3910 is being exploited in the wild, but has not published technical details about the exploitation chain. 

The same Chrome update also fixed CVE-2026-3909, a high-severity out-of-bounds write vulnerability in the Skia graphics library. Google says the flaw is also being exploited in the wild. Because it affects another core browser component and was fixed in the same emergency release, organizations should apply the full update without delay rather than focus on CVE-2026-3910 alone.

CVE-2026-3910 Mitigation

The recommended mitigation is to update Chrome immediately to the latest patched Stable Channel build. Google says the fixed desktop versions are 146.0.7680.75 and 146.0.7680.76 for Windows and macOS and 146.0.7680.75 for Linux. Because Google has confirmed in-the-wild exploitation, organizations should prioritize the update across employee endpoints, administrator workstations, and shared systems used for browsing.

Organizations using Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi should also monitor for corresponding vendor patches, since those products may inherit exposure from the same underlying codebase. 

Additionally, by leveraging SOC Prime’s AI-Native Detection Intelligence Platform backed by top cyber defense expertise, global organizations can adopt a resilient security posture and transform their SOC to always stay ahead of emerging threats tied to zero-day exploitation.

The post CVE-2026-3910: Chrome V8 Zero-Day Used for In-the-Wild Attacks appeared first on SOC Prime.

The beginning of 2026 has brought a wave of zero-day vulnerabilities affecting Microsoft products, including the actively exploited Windows Desktop Window Manager flaw (CVE-2026-20805), the Microsoft Office zero-day (CVE-2026-21509) that prompted an out-of-band fix, and the Windows Notepad RCE bug (CVE-2026-20841). Microsoft’s March Patch Tuesday release keeps defenders busy again, this time shifting attention to CVE-2026-21262, a publicly disclosed SQL Server Elevation of Privilege (EoP) vulnerability that puts enterprise environments at risk. 

Microsoft describes CVE-2026-21262 as an improper access control flaw that allows an authorized attacker to elevate privileges over a network. The bug carries a CVSS score of 8.8 and was one of two publicly disclosed zero-days addressed in March’s Patch Tuesday. While there is no confirmed evidence of active exploitation, the combination of public exposure, low attack complexity, and the possibility of privilege escalation inside a core database platform makes this one hard to dismiss as a routine patch.

In view of Microsoft’s broad reach across enterprise and consumer environments, vulnerabilities in its products can have a devastating impact. BeyondTrust reported that Microsoft disclosed a record 1,360 vulnerabilities in 2024, with Elevation of Privilege flaws being a top category. That continued into 2025, when Microsoft patched 1,129 vulnerabilities across the year, while EoP issues stayed at 50% of all fixes as of December 2025. Google Threat Intelligence Group adds another layer of context. It tracked 90 in-the-wild zero-days in 2025 and found that enterprise technologies made up a record 48% of observed exploitation.

Sign up for SOC Prime Platform to access the world’s largest detection intelligence dataset backed by an AI-powered product suite, helping SOC teams seamlessly handle everything from threat detection to simulation. Defenders can drill down to a relevant detection stack for vulnerability exploitation activity by pressing Explore Detections.

Explore Detections

All rules are mapped to the latest MITRE ATT&CK® framework and are compatible with multiple SIEM, EDR, and Data Lake platforms. Additionally, each rule comes packed with broad metadata, including CTI references, attack flows, audit configurations, and more.

Cyber defenders can also use Uncoder AI to streamline their detection engineering routine. Turn raw threat reports into actionable behavior rules, test your detection logic, map out attack flows, turn IOCs into hunting queries, or instantly translate detection code across languages backed by the power of AI and deep cybersecurity expertise behind every step.

CVE-2026-21262 Analysis

Microsoft’s March 2026 Patch Tuesday addressed over 80 vulnerabilities, including two publicly disclosed zero-days. Across the release, privilege escalation flaws dominated, with the total list containing 46 EoP bugs, 18 RCE flaws, 10 information disclosure bugs, 4 denial-of-service issues, 4 spoofing vulnerabilities, and 2 security feature bypass flaws. 

CVE-2026-21262 stands out because it affects SQL Server, a platform many organizations rely on to run core applications and store high-value data. Successful exploitation can let attackers move from a low-privileged authenticated account to SQL sysadmin, which effectively means full control over the affected database instance. From there, hackers can access or alter data, change configuration, create new logins, or establish persistence inside the SQL environment.

The flaw does not provide initial access on its own. An attacker still needs valid credentials and network reachability to a vulnerable SQL Server instance. That limitation matters, but it should not create false confidence. In many enterprise environments, low-privileged database accounts are spread across applications, integration services, automation tooling, and legacy workloads, which makes post-compromise abuse a realistic scenario. 

Microsoft’s March Patch Tuesday release also included several other vulnerabilities defenders should keep in focus. The second publicly disclosed zero-day is a .NET denial-of-service flaw (CVE-2026-26127). Microsoft also fixed two notable Office remote code execution bugs (CVE-2026-26110, CVE-2026-26113), which can be exploited through the Preview Pane. Another important issue is an Excel information disclosure flaw (CVE-2026-26144)  that researchers say could potentially be abused to exfiltrate data through Copilot Agent mode.

CVE-2026-21262 Mitigation

According to Microsoft’s advisory, organizations running SQL Server should first identify the exact product version and current build, then install the March 10 security update that matches the instance’s servicing path. 

Notably, the vendor distinguishes between the GDR path, which delivers security fixes only, and the CU path, which includes both security and functional fixes. If an instance has been following the GDR track, install the matching GDR package. If it has already been receiving CU releases, install the corresponding CU security update. Microsoft also notes that organizations can move from GDR to CU once, but cannot roll back from CU to GDR afterward.

The affected supported branches and corresponding updates include the following:

• SQL Server 2016 SP3: KB5077474 (GDR)
• SQL Server 2017: KB5077471 (CU31) or KB5077472 (GDR)
• SQL Server 2019: KB5077469 (CU32) or KB5077470 (GDR)
• SQL Server 2022: KB5077464 (CU23) or KB5077465 (GDR)
• SQL Server 2025: KB5077466 (CU2) or KB5077468 (GDR) for Windows and Linux
  
  

Alongside patching, defenders should review SQL logins and role assignments, reduce unnecessary privileges for service and application accounts, restrict network exposure to database servers, and monitor for unusual permission changes or newly assigned high-privilege roles. Because exploitation requires valid credentials, it is also worth reviewing embedded database credentials, shared service accounts, and secrets management practices across the environment. 

Also, by enhancing the defenses with SOC Prime’s AI-Native Detection Intelligence Platform, SOC teams can source detection content from the largest and up-to-date repository, seamlessly adopt the full pipeline from detection to simulation into their security processes, orchestrate workflows in their natural language, and smoothly navigate the ever-changing threat landscape while strengthening defenses at scale.

The post CVE-2026-21262: SQL Server Zero-Day Fixed in Microsoft’s March Patch Tuesday Release appeared first on SOC Prime.

Steady cadence of Android zero-days marked as exploited in the wild makes its path to 2026. Following CVE-2025-48633 and CVE-2025-48572, two Android Framework bugs Google flagged for active exploitation, defenders keep seeing the same familiar pattern. Mobile-chain vulnerabilities can move fast from limited attacks to real enterprise risk when patching lags. 

In March 2026, that storyline continues with CVE-2026-21385, a high-severity vulnerability in a Qualcomm Graphics subcomponent. Google’s Android Security Bulletin warns that there are indications that CVE-2026-21385 may be under limited, targeted exploitation.

As of early 2026, data indicates that 2025 was a record-breaking year for cybersecurity vulnerabilities, with Android remaining a primary target for mobile threats. The first half of 2025 saw Android malware rise by 151%, according to Malwarebytes. More vulnerabilities and more mobile malware together shrink the margin for delayed patching, especially when attackers focus on high-value targets.

Sign up for SOC Prime Platform, aggregating the world’s largest detection intelligence dataset and offering a complete product suite that empowers SOC teams to seamlessly handle everything from detection to simulation. The Platform features a large collection of rules addressing critical exploits. Just press Explore Detections and immediately drill down to a relevant detection stack filtered by “CVE” tag.

Explore Detections

All rules are mapped to the latest MITRE ATT&CK® framework and are compatible with multiple SIEM, EDR, and Data Lake platforms. Additionally, each rule comes packed with broad metadata, including CTI references, attack flows, audit configurations, and more.

Cyber defenders can also use Uncoder AI to streamline their detection engineering routine. Turn raw threat reports into actionable behavior rules, test your detection logic, map out attack flows, turn IOCs into hunting queries, or instantly translate detection code across languages backed by the power of AI and deep cybersecurity expertise behind every step.

CVE-2026-21385 Analysis

Google has recently issued its March 2026 Android Security Bulletin, addressing 129 security vulnerabilities across multiple components, including the Framework, System, and hardware-related areas such as Qualcomm drivers. Google confirmed that one of the fixed flaws, CVE-2026-21385 in a Qualcomm display and graphics component, has signals of real-world abuse. 

While Google did not provide further details about the attacks, Qualcomm described the bug in its own advisory as an integer overflow or wraparound in the Graphics subcomponent that can be exploited by a local attacker to trigger memory corruption. The vendor also notes that CVE-2026-21385 affects 235 Qualcomm chipsets, expanding exposure across device models and OEM update timelines.

Qualcomm stated it was alerted to the vulnerability on December 18 by Google’s Android Security team and notified customers on February 2. CVE-2026-21385 has also been added to CISA’s Known Exploited Vulnerabilities catalog as of March 3, 2026, requiring Federal Civilian Executive Branch agencies to apply fixes by March 24, 2026.

CVE-2026-21385 Mitigation

Fixes for CVE-2026-21385 were included in the second part of the March 2026 Android updates, delivered to devices as the 2026-03-05 security patch level. This patch level addresses over 60 vulnerabilities across Kernel and third-party components, including Arm, Imagination Technologies, MediaTek, Unisoc, and Qualcomm.

The first part of the March updates, rolling out as the 2026-03-01 security patch level, contains fixes for over 50 vulnerabilities in the Framework and System components, including critical issues that could lead to remote code execution and denial of service.

Devices running a security level of 2026-03-05 or higher contain patches for all vulnerabilities listed in the March 2026 bulletin. In enterprise environments, it is important to apply the latest security updates provided for each device model, validate patch levels across managed devices, and prioritize remediation for high-risk users where update rollout is slow or device diversity complicates coverage.

The post CVE-2026-21385: Google Patches Qualcomm Zero-Day Exploited in Targeted Android Attacks appeared first on SOC Prime.

Since January 2026, CERT-UA has been tracking a series of intrusions attributed to UAC-0252 and built around SHADOWSNIFF and SALATSTEALER infostealers. The campaigns rely on well-crafted phishing lures, payload staging on legitimate infrastructure, and user-driven execution of disguised EXE files.

Detect UAC-0252 Attacks Covered in CERT-UA#20032

According to the Phishing Trends Q2 2025 research by Check Point, phishing remains a core tool for cybercriminals, and the impersonation of widely trusted, high-usage brands continues to rise. Against the backdrop of more coordinated and sophisticated operations aimed at critical infrastructure and government organizations, CISA published its 2025–2026 International Strategic Plan to advance global risk reduction and improve collective resilience.

Sign up for the SOC Prime Platform to proactively defend your organization against UAC-0252 attacks. Just press Explore Detections below and access a relevant detection rule stack, enriched with AI-native CTI, mapped to the MITRE ATT&CK® framework, and compatible with a wide range of SIEM, EDR, and Data Lake technologies.

Explore Detections

Security experts can also use the “CERT-UA#20032” tag based on the relevant CERT-UA alert identifier to search for the detection stack directly and track any content changes. For more rules to detect adversary-related attacks, cyber defenders can search the Threat Detection Marketplace library using the “UAC-0252” tag.

SOC Prime users can also rely on Uncoder AI to create detections from raw threat reports, document and optimize rule code, and generate Attack Flows in a couple of clicks. By leveraging threat intel from the latest CERT-UA alert, teams can easily convert IOCs into performance-optimized queries ready to hunt in the chosen SIEM or EDR environment.

Analyzing UAC-0252 Attacks Using SHADOWSNIFF and SALATSTEALER

Since January 2026, CERT-UA has been tracking repeated phishing campaigns targeting entities in Ukraine. The email messages are crafted to impersonate central government bodies or regional administrations and typically urge recipients to update mobile apps used in widely deployed civilian and military systems.

CERT-UA#20032 alert describes two common delivery paths. In the first one, the email includes an attached archive that contains an EXE file. The attacker relies on the recipient to open the archive and run the executable. In the second one, the email contains a link to a legitimate website that is vulnerable to cross-site scripting (XSS). When the victim visits the page, the injected JavaScript runs in the browser and downloads an executable file onto the computer. In both scenarios, CERT-UA notes that the EXE files and scripts are hosted on the legitimate GitHub service, which helps the activity blend into normal web traffic and makes basic domain blocking less effective in many environments.

During January and February 2026, CERT-UA confirmed that the activity used several malicious tools, including SHADOWSNIFF, SALATSTEALER, and DEAFTICK. 

SHADOWSNIFF was reported as being hosted on GitHub, while SALATSTEALER is commonly described as a Go-based infostealer that targets browser credentials, steals active sessions, and collects crypto-related data, operating under a Malware-as-a-Service (MaaS) model. In the same toolset, CERT-UA also reported DEAFTICK, a primitive backdoor written in Go that likely helps attackers maintain basic access on compromised hosts and support follow-on actions.

During repository analysis, CERT-UA reports discovering a program with characteristics of a ransomware encryptor, internally named «AVANGARD ULTIMATE v6.0». The same GitHub ecosystem also contained an archive with an exploit for WinRAR (CVE-2025-8088), a path traversal issue in Windows WinRAR that can enable arbitrary code execution via crafted archives and has been reported as exploited in the wild. This suggests the operators were not only stealing credentials, but also experimenting with additional tooling that could expand impact.

Based on the investigation details and the tooling overlaps, including experiments with publicly available instruments, CERT-UA links the described activity to individuals discussed in the «PalachPro» Telegram channel, while continuing to track the campaign under UAC-0252.

MITRE ATT&CK Context

Leveraging MITRE ATT&CK offers in-depth insight into the latest UAC-0252 phishing campaigns targeting Ukrainian entities. The table below displays all relevant Sigma rules mapped to the associated ATT&CK tactics, techniques, and sub-techniques.

The post UAC-0252 Attack Detection: SHADOWSNIFF and SALATSTEALER Fuel Phishing Campaigns in Ukraine appeared first on SOC Prime.

New day, new vulnerability in the spotlight. We’re once again seeing how quickly weaponized flaws in widely deployed platforms turn into real operational risk. Coverage of maximum-severity Cisco bugs (CVE-2025-20393, CVE-2026-20045), as well as the Dell RecoverPoint zero-day CVE-2026-22769, shows that attackers are increasingly prioritizing edge-facing infrastructure that quietly controls traffic flows, identity paths, and service availability.

That story continues with CVE-2026-20127, a critical authentication bypass affecting Cisco Catalyst SD-WAN Controller (formerly vSmart) and Cisco Catalyst SD-WAN Manager (formerly vManage). Cisco Talos reports the flaw is being actively exploited and tracks the activity as UAT-8616, assessing with high confidence that a highly sophisticated threat actor has been exploiting it since at least 2023.

GreyNoise’s 2026 State of the Edge Report shows why confirmed exploitation in edge-facing network control systems demands urgent action. In H2 2025, GreyNoise observed 2.97 billion malicious sessions from 3.8 million unique source IPs targeting internet-facing infrastructure, underscoring how quickly exploitation traffic scales once attackers focus on an exposed surface.

Register for SOC Prime’s AI-Native Detection Intelligence Platform, backed by cutting-edge technologies and top cybersecurity expertise to outscale cyber threats and build a resilient cybersecurity posture. Click Explore Detections to access the comprehensive collection of SOC content for vulnerability exploit detection, filtered by the custom “CVE” tag.

Explore Detections

Detections from the dedicated rule set can be applied across multiple SIEM, EDR, and Data Lake platforms and are mapped to the latest MITRE ATT&CK® framework v18.1. Security teams can also leverage Uncoder AI to accelerate detection engineering end-to-end by generating rules directly from live threat reports, refining and validating detection logic, auto-visualizing Attack Flows, converting IOCs into custom hunting queries, and instantly translating detection code across diverse language formats.

CVE-2026-20127 Analysis

Cisco Talos describes CVE-2026-20127 as an issue that allows an unauthenticated remote attacker to bypass authentication and obtain administrative privileges on the affected system by sending crafted requests. Cisco’s public advisory ties the root cause to a peering authentication mechanism that is not working properly.

A successful exploit can let an attacker log in to a Catalyst SD-WAN Controller as an internal, high-privileged, non-root account, then use that access to reach NETCONF and manipulate SD-WAN fabric configuration. That kind of control-plane access is exactly what makes SD-WAN incidents so disruptive, as the attackers are in a position to shape how the network behaves.

Multiple government and partner advisories describe a common post-exploitation path. After exploiting CVE-2026-20127, actors have been observed adding a rogue peer and then moving toward root access and long-term persistence within SD-WAN environments. Talos adds that intelligence partners observed escalation involving a software version downgrade, exploitation of CVE-2022-20775, and then restoration back to the original version, a sequence that can complicate detection if teams only validate the “current” running version.

Because exploitation is confirmed and impacts systems used to manage connectivity across sites and clouds, CISA issued Emergency Directive 26-03 for U.S. federal civilian agencies, with an accelerated requirement to complete required actions by 5:00 PM (ET) on February 27, 2026. FedRAMP also relayed the same urgency to cloud providers supporting federal environments. 

CVE-2026-20127 Mitigation 

According to Cisco’s advisory, CVE-2026-20127 affects Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager regardless of device configuration, across these deployment types:

• On-Prem Deployment
• Cisco Hosted SD-WAN Cloud
• Cisco Hosted SD-WAN Cloud – Cisco Managed
• Cisco Hosted SD-WAN Cloud – FedRAMP Environment 
  
  

Cisco also notes there are no workarounds that fully address this vulnerability. The durable fix is upgrading to a patched release, with the exact fixed versions listed in Cisco’s advisory under the Fixed Software section.

Users are urged to start by prioritizing patching as the only complete remediation and verify the fixes are actually in place across every in-scope Catalyst SD-WAN Controller and Manager instance.

Next, to reduce the attack surface while users patch and validate, CISA and the UK NCSC guidance emphasize restricting network exposure, placing SD-WAN control components behind firewalls, and isolating management interfaces from untrusted networks. In parallel, SD-WAN logs should be forwarded to external systems so attackers cannot easily erase local evidence.

Finally, it is better to treat this as both a patching and an investigation event. Cisco recommends auditing /var/log/auth.log for entries like “Accepted publickey for vmanage-admin” coming from unknown or unauthorized IP addresses, then comparing those source IPs against the configured System IPs listed in the Manager UI (WebUI > Devices > System IP). If users suspect compromise, Cisco advises engaging Cisco TAC and collecting the admin-tech output (for example, via request admin-tech) so it can be reviewed.

Because the reported activity can include version downgrade and unexpected reboot behavior as part of the post-compromise chain, public guidance also recommends checking the following logs for downgrade/reboot indicators:

• /var/volatile/log/vdebug
• /var/log/tmplog/vdebug
• /var/volatile/log/sw_script_synccdb.log
  
  

To strengthen coverage beyond patching and mitigation steps, rely on the SOC Prime Platform to reach the world’s largest detection intelligence dataset, adopt an end-to-end pipeline that spans detection through simulation while streamlining security operations and speeding up response workflows, reduce engineering overhead, and stay ahead of emerging threats.

The post CVE-2026-20127: Cisco SD-WAN Zero-Day Exploited Since 2023 appeared first on SOC Prime.

SOC Prime has recently covered a wave of actively exploited zero-days across major ecosystems, including Apple’s CVE-2026-20700 and Microsoft’s CVE-2026-20805, alongside a fresh Chrome zero-day case. But the avalanche of threats keeps marching into 2026. Recently, researchers from Mandiant and Google Threat Intelligence Group (GTIG) detailed the active exploitation of CVE-2026-22769, a maximum-severity hardcoded-credential vulnerability in Dell products.

The spotlight is on Dell RecoverPoint for Virtual Machines, a VMware-focused backup and disaster recovery solution that has become the target of an in-the-wild zero-day campaign attributed to suspected China-nexus activity. Tracked with a CVSS score of 10.0, CVE-2026-22769 has reportedly been exploited by the China-linked cluster UNC6201 since at least mid-2024, enabling attackers to establish access and deploy multiple malware families, including BRICKSTORM and GRIMBOLT.

SOC Prime Platform helps security teams close the gap between “a CVE was disclosed” and “we have detection intel.” Sign up now to access the world’s largest detection intelligence dataset, backed by advanced solutions to take your SOC to the next level. Click Explore Detections to reach vulnerability-focused detection content pre-filtered by the “CVE” tag. 

Explore Detections

All rules are compatible with dozens of SIEM, EDR, and Data Lake formats and mapped to MITRE ATT&CK®. Additionally, each rule is enriched with extensive metadata, including CTI references, Attack Flow visualization, triage recommendations, audit configurations, and more.

Security teams can also leverage Uncoder AI to accelerate detection engineering end-to-end by generating rules directly from live threat reports, refining and validating detection logic, converting IOCs into custom hunting queries, and instantly translating detection code across diverse language formats.

CVE-2026-22769 Analysis

In its advisory from February 17, 2026, Dell describes CVE-2026-22769 as a hardcoded credential vulnerability in RecoverPoint for Virtual Machines prior to 6.0.3.1 HF1, and assigns it a highest severity rating. Dell warns that an unauthenticated remote attacker who knows the hardcoded credential could gain unauthorized access to the underlying operating system and even establish root-level persistence. 

GTIG and Mandiant’s investigation adds the operational detail behind that impact. Security experts observed activity against the appliance’s Apache Tomcat Manager, including web requests using the admin username that resulted in the deployment of a malicious WAR file containing the SLAYSTYLE web shell. The researchers then traced this back to hard-coded default credentials for the admin user in Tomcat Manager configuration at /home/kos/tomcat9/tomcat-users.xml. Using those credentials, an attacker could authenticate to Tomcat Manager and deploy a WAR via the /manager/text/deploy endpoint, leading to command execution as root on the appliance. 

UNC6201 is assessed to have used this foothold for lateral movement, persistence, and malware deployment, with the earliest identified exploitation dating back to mid-2024. The initial access vector was not confirmed in these cases, but GTIG notes UNC6201 is known for targeting edge appliances as an entry point.

The post-compromise tooling also evolved over time. Mandiant reports finding BRICKSTORM binaries and then observing a replacement with GRIMBOLT in September 2025. GRIMBOLT is described as a C# backdoor compiled using native ahead-of-time (AOT) compilation and packed with UPX, providing remote shell capability while using the same C2 as BRICKSTORM. The researchers note it is unclear whether the swap was a planned upgrade or a response to incident response pressure.

The activity did not stop at the RecoverPoint appliance. Mandiant reports that UNC6201 pushed deeper into victims’ virtualized environments by creating temporary virtual network ports on VMware ESXi servers, effectively spinning up hidden network connectivity commonly referred to as “Ghost NICs.” This technique allowed the attackers to move quietly from compromised VMs into broader internal networks and, in some cases, toward SaaS environments.

Researchers also report overlaps between UNC6201 and another China-nexus cluster tracked as UNC5221, known for exploiting Ivanti zero-days and previously linked in reporting to Silk Typhoon, though GTIG notes these clusters are not considered identical.

CVE-2026-22769 Mitigation

Dell’s remediation guidance is clear, but it requires follow-through. For the 6.x line, Dell points customers to upgrade to 6.0.3.1 HF1 or apply the vendor remediation script referenced in the advisory, and it also provides migration/upgrade paths for affected 5.3 service pack builds.

To strengthen coverage beyond patching, rely on the SOC Prime Platform to reach the world’s largest detection intelligence dataset, adopt an end-to-end pipeline that spans detection through simulation while streamlining security operations and speeding up response workflows, reduce engineering overhead, and stay ahead of emerging threats.

The post CVE-2026-22769: Critical Dell RecoverPoint Zero-Day Exploited in the Wild appeared first on SOC Prime.

Right after Apple’s CVE-2026-20700 zero-day under active exploitation made headlines, Google released security updates for Chrome to address the first actively exploited Chrome zero-day of 2026.

CVE-2026-2441 Analysis

The high-severity flaw, tracked as CVE-2026-2441, is a use-after-free vulnerability in Chrome’s CSS component. NIST’s NVD description notes that the issue could allow a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. In fact, a user only needs to land on a maliciously-crafted page for the attacker to trigger the bug and run code within the browser’s sandboxed environment.

Zero-day exploitation is rising. In 2024, Google’s Threat Intelligence Group reported 75 zero-days exploited in real attacks, and by 2025 exploits were still the top initial access method, accounting for 33% of intrusion paths. In that context, browser vulnerabilities remain a persistent threat for defenders. Browsers are everywhere, they continuously handle untrusted web content, and the trigger can be as simple as a user opening a link.

Sign up for SOC Prime Platform to access the global marketplace of 750,000+ detection rules and queries made by detection engineers, updated daily, and enriched with AI-native threat intel to proactively defend against existing and current threats anticipated most. Just click the Explore Detections below and immediately reach the extensive detection stack filtered out by “CVE” tag. All detections are compatible with dozens of SIEM, EDR, and Data Lake formats and are mapped to MITRE ATT&CK®. 

Explore Detections

Security experts can also leverage Uncoder AI to accelerate detection engineering end-to-end by generating rules directly from live threat reports, refining and validating detection logic, visualizing Attack Flows, converting IOCs into custom hunting queries, and instantly translating detection code across diverse language formats.

CVE-2026-2441 Mitigation

Google’s advisory notes that a fix for CVE-2026-2441 was delivered in the Stable channel update released on February 13, 2026. The patched builds are Chrome 145.0.7632.75/76 for Windows and macOS and 144.0.7559.75 for Linux, with rollout expected over the following days and weeks.

Google has shared very little technical detail, but it has confirmed it is aware of in-the-wild exploitation of CVE-2026-2441. Security researcher Shaheen Fazim has been credited with discovering and reporting the issue on February 11, 2026.

Users are advised to update Chrome to the fixed build on every endpoint and make sure the browser is restarted so the patched version is actually running. Additionally, by leveraging SOC Prime’s AI-Native Detection Intelligence Platform backed by top cyber defense expertise, global organizations can adopt a resilient security posture and transform their SOC to always stay ahead of emerging threats.

The post CVE-2026-2441: Google Patches Chrome Zero-Day Exploited in the Wild appeared first on SOC Prime.

SOC Prime previously highlighted Apple’s actively exploited WebKit zero-day CVE-2025-14174, a case that showed how quickly weaponized iOS flaws can move from targeted activity to real operational risk for organizations and high-value users. That same case later led to additional fixes, with CVE-2025-14174 and CVE-2025-43529 both issued in response to it, reinforcing a familiar pattern in which separate bugs are addressed as part of a broader security incident rather than in isolation. 

In February 2026, that story continued with CVE-2026-20700, an exploited memory corruption vulnerability in dyld, Apple’s Dynamic Link Editor. Apple states that an attacker with memory write capability may be able to achieve arbitrary code execution, and notes the issue may have been used in an “extremely sophisticated attack” against specific targeted individuals.

Notably, with the latest update, Apple has addressed its first actively exploited zero-day in 2026. Public reporting also notes that the company patched nine zero-day vulnerabilities exploited in the wild in 2025.

Register for SOC Prime’s AI-Native Detection Intelligence Platform, backed by cutting-edge technologies and top cybersecurity expertise to outscale cyber threats and build a resilient cybersecurity posture. Click Explore Detections to access the comprehensive collection of SOC content for vulnerability exploit detection, filtered by the custom “CVE” tag.

Explore Detections

Detections from the dedicated rule set can be applied across 40+ SIEM, EDR, and Data Lake platforms and are mapped to the latest MITRE ATT&CK® framework v18.1. Security teams can also leverage Uncoder AI to accelerate detection engineering end-to-end by generating rules directly from live threat reports, refining and validating detection logic, auto-visualizing Attack Flows, converting IOCs into custom hunting queries, and instantly translating detection code across diverse language formats.

CVE-2026-20700 Analysis

Apple clarifies that CVE-2026-20700 resides in dyld, the system component responsible for loading dynamic libraries into memory and bridging application code with system frameworks. That placement matters because vulnerabilities in foundational loader components can be valuable in real-world exploit chains that depend on how code is mapped and executed at runtime.

Apple keeps technical details limited, but it confirms two points defenders should prioritize. Apple is aware of exploitation tied to highly targeted activity, which suggests mature tradecraft rather than opportunistic attacks. Apple also confirms the impact is arbitrary code execution, which means the outcome is not only stability issues, but attacker-controlled instruction execution on the device under the right conditions.

Patches for CVE-2026-20700 are available in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, watchOS 26.3, tvOS 26.3, and visionOS 26.3. Apply the latest Apple security updates across all supported devices, confirm that systems are running the remediated versions, and enforce and validate compliance. Users are also prompted to enable automatic updates on personal devices.

To strengthen coverage beyond patching, rely on the SOC Prime Platform to reach the world’s largest detection intelligence dataset, adopt an end-to-end pipeline that spans detection through simulation while streamlining security operations and speeding up response workflows, reduce engineering overhead, and stay ahead of emerging threats.

The post CVE-2026-20700: Apple Patches Zero-Day Exploited in Sophisticated Cyber Attacks appeared first on SOC Prime.

Microsoft’s 2026 Patch Tuesday cadence continues to shape patching priorities. January set the pace with fixes for an actively exploited Windows Desktop Window Manager zero-day (CVE-2026-20805). Now, the February release adds another practical concern. Applications that gain richer features can also inherit richer risks, as shown by the built-in Windows 11 Notepad app now associated with a remote code execution vulnerability. An attacker can lure a user into opening a crafted Markdown file in Notepad and clicking a malicious link, which can trigger untrusted protocol handling that pulls down remote content and executes it.

The vulnerability, tracked as CVE-2026-20841, was addressed in Microsoft’s February 10, 2026 security updates and carries a CVSS score of 8.8, rated Important.

Given Microsoft’s dominant role in enterprise and consumer environments, vulnerabilities in its software scale fast and often become repeatable attacker playbooks. Tenable’s Patch Tuesday 2025 review shows the volume defenders face, with Microsoft addressing 1,130 CVEs across 2025 releases and remote code execution making up 30.8% of those fixes. That is why CVE-2026-20841 should not be treated as a routine Important patch. It is an 8.8-rated RCE in the modern Windows Notepad app that can turn a simple Markdown file and a single click into a code execution path.

Register for the SOC Prime Platform, the industry-first AI-Native Detection Intelligence Platform for real-time defense, to explore a collection of 600,000+ detection rules addressing the latest threats and equip your team with AI and top cybersecurity expertise. Click Explore Detections to reach the extensive rule set for vulnerability exploit detection, pre-filtered using the custom “CVE” tag.

Explore Detections

All rules are portable across leading SIEM, EDR, and Data Lake platforms and are aligned with the latest MITRE ATT&CK framework v18.1. Go deeper with AI-native detection intelligence, including CTI references, attack timelines, audit configuration guidance, triage recommendations, and additional context that helps analysts move from alert to action faster.

To further cut detection engineering overhead, security teams can use Uncoder AI to instantly translate detection logic across multiple language formats, generate detections directly from raw threat reports, visualize Attack Flows, accelerate enrichment and tuning, and streamline validation workflows end to end.

CVE-2026-20841 Analysis

Microsoft’s February 2026 Patch Tuesday delivered security updates for 58 vulnerabilities, including six actively exploited issues and three publicly disclosed zero-days.

One of the notable flaws in this release is CVE-2026-20841, a nasty remote code execution issue in the modern Windows Notepad app. The vulnerability is rooted in command injection, where specially crafted input can be interpreted as executable instructions rather than treated as plain text.

Microsoft’s advisory describes a straightforward abuse path that relies on user interaction. An attacker can trick a Windows user into opening a crafted Markdown (.md) file in Notepad and clicking a malicious hyperlink. That click can cause Notepad to launch unverified protocols that load and execute remote files, enabling code execution with the same permissions as the logged-in user. In practical terms, the “weapon” is a text file, delivery can be as simple as email or a download link, and the compromise moment is the click.

If successfully exploited, the attacker inherits the user’s access level, including local files, network shares, and internal tools. In many environments, that is enough to steal data, deploy additional malware, or stage follow-on actions that expand the intrusion.

The affected component is the Microsoft Store-distributed Notepad app, not the legacy Notepad.exe that many teams can think of. This distinction matters operationally because Store apps can fall out of date when automatic updates are disabled or when enterprises do not enforce app version compliance. The fix for CVE-2026-20841 is shipped via the Microsoft Store as an updated Notepad release, with the build 11.2510 and later marked as remediated, and Microsoft listing it as customer action required.

Organizations that rely on affected Windows environments are urged to apply the February updates without delay and to confirm that the Microsoft Store Notepad version is updated to a remediated build. To strengthen coverage beyond patching, SOC teams can enhance defenses with SOC Prime’s AI-Native Detection Intelligence Platform by sourcing detection content from the largest and continuously updated repository, adopting an end-to-end pipeline from detection to simulation, orchestrating workflows in natural language, and staying resilient against emerging threats.

The post CVE-2026-20841: Windows Notepad RCE Fixed in Microsoft’s February Patch Tuesday Release appeared first on SOC Prime.

AI adoption is moving fast, shifting from pilot projects to the infrastructure-level, day-to-day practice. The budget curve reflects that shift. Gartner expects worldwide AI spending to reach $2.52T in 2026, a 44% year-over-year increase. At the same time, AI cybersecurity spending is expected to grow by more than 90% in 2026, a clear signal that the deeper AI is embedded into business operations, the larger the attack surface becomes.

As organizations operationalize LLMs, the real challenge shifts from response quality to safe execution. It is no longer enough for a model to explain what to do. In many environments, value comes from taking action, pulling the right context, and interacting with the systems where work happens. That includes code repositories, ticketing platforms, SaaS tools, databases, and internal services.

Before Model Context Protocol, every tool integration was like building a different custom cable for every device, and then discovering that each LLM vendor used a slightly different plug. MCP standardizes the connector and the message format; therefore, tools can expose capabilities once, and multiple models can use them consistently. The result is faster development, fewer bespoke integrations, and lower long-term maintenance as adoption spreads across the ecosystem.

This shift is already visible in cybersecurity-focused AI assistants. For example, SOC Prime’s Uncoder AI is powered by MCP tools that turn an LLM into a contextually aware cybersecurity co-pilot, supporting easier integration, vendor flexibility, pre-built connections, and more controlled data handling. For instance, MCP allows semantic searches across the Threat Detection Marketplace, quickly finding rules for specific log sources or threat types, and cutting down on manual search time. All this is backed by privacy and security at its core.

Yet, in general, when MCP becomes a common pathway between agents and critical systems, every server, connector, and permission scope becomes security relevant. Overbroad tokens, weak isolation, and incomplete audit trails can turn convenience into data exposure, unintended actions, or lateral movement.

This guide explains how MCP works, then focuses on practical security risks and mitigations.

What Is MCP?

Since it was released and open-sourced by Anthropic in November 2024, Model Context Protocol has rapidly gained traction as the connective layer between AI agents and the tools, APIs, and data they rely on.

At its core, MCP is a standardized way for LLM-powered applications to communicate with external systems in a consistent and controlled manner. It moves AI assistants beyond static, training-time knowledge by enabling them to retrieve fresh context and perform actions through approved interfaces. The practical outcome is an AI agent that can be more accurate and useful, because it can work with real operational data.

Key Components

Model Context Protocol architecture is built around a simple set of blocks that coordinate how an LLM discovers external capabilities, pulls the right context, and exchanges structured requests and responses with connected systems.

• MCP Host. The environment where the LLM runs. Examples include an AI-powered IDE or a conversational interface embedded into a product. The host manages the user session and decides when external context or actions are needed.
• MCP Client. A component inside the host that handles protocol communication. It discovers MCP servers, requests metadata about available capabilities, and translates the model’s intent into structured requests. It also returns responses back to the host in a form that the application can use.
• MCP Server. The external service that provides context and capabilities. It can access internal data sources, SaaS platforms, specialized security tooling, or proprietary workflows. This is where organizations typically enforce system-specific authorization, data filtering, and operational guardrails.
  
  

Layers

• Data layer. This inner layer is based on the JSON-RPC protocol and handles client-server communication. It covers lifecycle management and the core primitives that MCP exposes, including tools, resources, prompts, and notifications.
• Transport layer. This outer layer defines how messages actually move between clients and servers. It specifies the communication mechanisms and channels, including transport-specific connection setup, message framing, and authorization.
  
  

Conceptually, the data layer provides the contract and semantics, while the transport layer provides the connectivity and enforcement path for secure exchange.

How Does the MCP Work?

MCP sits between the LLM and the external systems your agent plans to use. Instead of giving the model direct access to databases, SaaS apps, or internal services, MCP exposes approved capabilities as tools and provides a standard way to call them. The LLM focuses on understanding the request and deciding what to do next. MCP handles tool discovery, execution, and returning results in a predictable format.

A typical flow can look like the one below:

• User asks a question or gives a task. The prompt arrives in the AI application, also called the MCP host.
• Tool discovery. The MCP client checks one or more MCP servers to see what tools are available for this session.
• Context injection. MCP adds relevant tool details to the prompt, so the LLM knows what it can use and how to call it.
• Tool call generation. The LLM creates a structured tool request, basically a function call with parameters.
• Execution in the downstream service. The MCP server receives the request and runs it against the target system, often through an API such as REST.
• Results returned and used. The output comes back to the AI application. The LLM can use it to make another call or to write the final answer.
  
  

Here is a simple example of how that works in Uncoder AI. You ask: “Find detections for credential dumping that work with Windows Security logs.”

• The LLM realizes it needs access to a detection library, not just its own knowledge.
• Through MCP, Uncoder AI calls the relevant Detection Search tool connected to SOC Prime’s Threat Detection Marketplace.
• The MCP server runs the search and returns a short list of matching detections.
• Uncoder AI then reviews the results and replies with a clean shortlist of five detection rules.

MCP Risks & Vulnerabilities

Model Context Protocol expands what an LLM can do by connecting it to tools, APIs, and operational data. That capability is the value, but it is also the risk. Once an assistant can retrieve internal context and trigger actions through connected services, MCP becomes part of your control plane. The security posture is no longer defined by the model alone, but by the servers you trust, the permissions you grant, and the guardrails you enforce around tool use.

Key MCP Security Considerations

MCP servers serve as the glue between hosts and a broad range of external systems, including potentially untrusted or risky ones. Understanding your exposure requires visibility into what sits on each side of the server boundary, which LLM hosts and clients are calling it, how the server is configured, what third-party servers are enabled, and which tools the model can actually invoke in practice.

• Confused Deputy Problem. If an MCP server can act with broader privileges than the user, it may execute actions that the user should not be allowed to trigger. The secure pattern is that the server acts on behalf of the user with explicit consent and least-privilege scopes, not with a blanket service identity.
• Token Passthrough. Passing client tokens through to downstream APIs without proper validation breaks trust boundaries and can defeat audience controls. MCP guidance treats this as a high-risk anti-pattern because it makes authorization ambiguous and hard to audit.
• Session Hijacking and Event Injection. Stateful connections can be abused if session identifiers can be stolen, replayed, or resumed by an attacker. Secure session handling matters because tool calls become a sequence, not a single request, and attackers target the weakest link in that chain.
• Local MCP Server Compromise. Local servers can be powerful, and that power cuts both ways. Risks include running untrusted code, unsafe startup behavior, and exposing a local service in a way that another site or process can reach it. Local deployments need sandboxing, strict binding, and safe defaults.
• Scope Minimization Failures. Overly broad scopes increase blast radius and weaken governance. The specifications highlight scope design pitfalls, such as overloading a single scope for many operations or advertising excessive scope support. Least-privilege scopes and clear separation of read and write capabilities are essential.
  
  

Many MCP risks map to familiar security fundamentals; therefore, MCP servers should be treated like any other integration surface. Organizations need to apply supply-chain controls, scan code and dependencies, pin versions, and review changes before release. Also, it’s important to harden endpoints with strong authentication and authorization, rate limits, and secure defaults. These practices eliminate a large share of preventable failures.

The MCP specification provides a list of security best practices, with common attack patterns and practical mitigations you can apply when building or operating MCP hosts, clients, and servers.

Top MCP Security Risks

To make the list actionable, it helps to group MCP threats into the most common risk patterns defenders see in real deployments.

Prompt Injection

Attackers craft inputs that push the assistant into unsafe tool use or sensitive data disclosure.

Mitigation tip: Restrict tool access, enforce call policies, and monitor tool usage for abnormal patterns.

Indirect Prompt Injection

Hostile instructions can arrive through retrieved content and be treated as trusted intent.

Mitigation tip: Segregate untrusted content, sanitize it, and prevent tools from being invoked based on instructions found in external data.

Tool Poisoning

Tool descriptions, parameters, or defaults can be manipulated to steer model decisions.

Mitigation tip: Treat tool metadata as untrusted input, review tool definitions like code, and require integrity checks before updates.

Tool Shadowing and Tool Name Collision

Lookalike tools can impersonate legitimate ones and capture requests.

Mitigation tip: Maintain an allowlist of approved servers and tools, and fail closed when a tool identity cannot be verified.

Confused Deputy Authorization Failures

A server executes actions using its own broad privileges rather than user-bound permissions.

Mitigation tip: Use explicit consent, enforce user-bound scopes, and validate tokens as required by the MCP authorization guidance.

Token Passthrough and Weak Token Validation

Forwarding tokens or accepting tokens without proper audience validation undermines authorization.

Mitigation tip: Forbid passthrough, validate token audience, and follow the OAuth-based flow defined for HTTP transports.

Session Hijacking

Attackers abuse resumable sessions or stolen identifiers to inject events or impersonate a client.

Mitigation tip: Bind sessions tightly, rotate identifiers, apply timeouts, and log resumptions and anomalies.

Local Server Compromise

Local MCP servers can be leveraged to access files, run commands, or pivot to other resources if not isolated.

Mitigation tip: Sandbox local servers, minimize OS privileges, restrict file system access, and avoid exposing local services beyond what is required.

Excessive Scopes and Permission Creep

Broad scopes create unintended access, and permissions tend to accumulate over time.

Mitigation tip: Split read and write tools, review scopes regularly, and keep scope sets minimal and task-specific.

Lack of Auditability and Weak Incident Response

If you cannot correlate prompts, tool calls, tokens, and downstream actions, investigations become guesswork.

Mitigation tip: Centralize logs, attach correlation IDs, and record tool call intent, parameters, and outcomes in a SIEM-friendly format.

The practical takeaway is that MCP should be secured like a high-impact integration layer. Assume tool outputs are untrusted, minimize permissions, enforce strong identity and authorization, and invest early in monitoring that can tie prompts to tool calls and downstream actions.

SOC Prime follows established security and privacy best practices to protect customers and ensure the trustworthy operation of the SOC Prime Platform and AI-enabled capabilities. The SOC Prime team also created and open-sourced AI/DR Bastion, a comprehensive GenAI protection system designed to safeguard against malicious prompts, injection attacks, and harmful content. The system incorporates multiple detection engines that operate sequentially to analyze and classify user inputs before they reach GenAI applications.

Furthermore, the SOC Prime Platform supports integration with AIDEFEND (Artificial Intelligence Defense Framework), an open, AI-focused knowledge base of defensive countermeasures for emerging AI/ML threats. Backed by Uncoder AI, the AIDEFEND-native MCP makes this knowledge immediately actionable. Security professionals can ask for defenses against specific threats, pull detailed technique guidance, generate quick checklists, or extract secure code snippets to implement controls faster and with less research overhead.

What Is the Future of MCP Security?

Security concerns around MCP are valid, but standardization is also a major opportunity to improve control. As MCP adoption grows, organizations get a more consistent security surface where they can apply the same policies and monitoring across tool usage, instead of securing a different custom integration for every model and every downstream system.

Looking ahead, MCP security will mature in a few predictable directions:

• Secure the MCP Building Blocks. MCP security will increasingly focus on the protocol primitives that define what an agent can do. Tools are executable functions and need tight permissions and clear rules for when they can run. Resources act as data containers and need access control and validation to reduce leakage and poisoning. Prompts influence behavior and must be protected with solutions, like AI/DR Bastion, against injection and unauthorized modification.
• Make Identity Mandatory for Remote MCP. For any networked MCP server, authentication should be treated as a baseline requirement. Teams need a clear identity model that answers who is making the call, what they are allowed to do, and what consent was granted. This also helps prevent common failures highlighted in the spec, such as confused deputy behavior and risky token handling patterns.
• Enforce Policy Using Full Context. Allowlists are useful, but agent workflows need richer guardrails. The prompt, the user, the selected tool, tool parameters, and the target system should all influence what is allowed. With that context, you can restrict risky operations, limit sensitive data retrieval, block unsafe parameter patterns, and require extra checks when the risk level is high.
• Treat Monitoring as a Core Control. As agents chain actions, investigation depends on being able to trace behavior end-to-end. A practical baseline is logging that correlates prompts, tool selection, tool inputs, tool outputs, and downstream requests. Without that linkage, it is difficult to audit actions or respond quickly when something goes wrong.
• Add Approval Gates for High-Impact Actions. For actions that create, modify, delete, pay, or escalate privileges, human review remains essential. Mature MCP deployments will add explicit approval steps that pause execution until a user or a security workflow confirms the action. This reduces the attack surface from both malicious prompting and accidental tool misuse.
• Verify Servers and Control Updates. As the ecosystem expands, trust and provenance become mandatory. Organizations will increasingly rely on approved MCP servers, controlled onboarding, and strict change management for updates. Version pinning, integrity checks, and dependency scanning matter because MCP servers are executable code, and tool behavior can change over time, even if interfaces look stable.
• Keep the Fundamentals Front and Center. Even with MCP-specific controls, the most common security practices remain the basics. Least privilege, clear scopes, safe session handling, strong authentication, hardened endpoints, and complete audit logging remove a large share of real-world risk. Use the MCP security best practices list as a standing checklist, then add controls based on your environment and risk appetite.
  
  

As MCP spreads across more assistants and tools, security becomes the difference between a helpful co-pilot and an unchecked automation engine. The safest path is simple: treat MCP like privileged infrastructure, keep permissions tight, and make every tool call visible and traceable. Do that well, and MCP can scale agent workflows with confidence instead of turning speed into risk.

The post Model Context Protocol: Security Risks & Mitigations appeared first on SOC Prime.

Shortly after our recent coverage of high-impact FortiOS SSO zero-day exploitation (CVE-2026-24858), defenders are facing another urgent patching priority in the Fortinet ecosystem. On February 6, Fortinet released a fix for a critical SQL injection flaw that can be triggered remotely and doesn’t require authentication, potentially leading to unauthorized code or command execution. 

Although there are currently no signs of exploitation in the wild, CVE-2026-21643 requires immediate attention and patching as SQL injection remains one of the most dangerous web vulnerability classes. OWASP Top 10 2025 links Injection to 62,445 known CVEs, including more than 14,000 SQL injection issues. The risk is straightforward. If an application lets untrusted input reach the database interpreter, an attacker can make the database run unintended commands, steal or change data, and, in some cases, escalate to full system compromise.

Sign up for the SOC Prime Platform to access real-time detection intelligence and ready-to-go use cases for emerging risks like vulnerability exploitation. Click Explore Detections to view the full collection of rules filtered by the “CVE” tag.

Explore Detections

All rules are compatible with multiple SIEM, EDR, and Data Lake platforms and are mapped to the MITRE ATT&CK® framework. Each rule includes CTI links, attack timelines, audit settings, triage guidance, and more relevant metadata.

Cyber defenders can also use Uncoder AI to empower their detection engineering workflows. Generate detection algorithms from raw threat reports, enable fast IOC sweeps, predict ATT&CK tags, optimize query code with AI tips, and translate it across multiple SIEM, EDR, and Data Lake languages.

CVE-2026-21643 Analysis

On February 6, 2026, Fortinet released an advisory describing CVE-2026-21643 as an improper neutralization of special elements used in an SQL Command (SQL Injection) in FortiClient EMS, where a remote attacker can send specially crafted HTTP requests to trigger the flaw. Because the issue is pre-auth, an exposed or reachable EMS administrative interface becomes a high-value target for initial access, potentially leading to rapid foothold establishment, follow-on tooling, and lateral movement from a system that often has broad visibility into endpoints. 

CVE-2026-21643 obtains a critical CVSS score of 9.8, highlighting the urgent need for patching. The good news for defenders is that the scope is clear. Fortinet’s advisory highlights that only FortiClientEMS 7.4.4 is affected and that upgrading to 7.4.5 or later addresses the issue, while 7.2 and 8.0 are not impacted.

Enhancing proactive cybersecurity strategies is crucial for reducing exploitation risk. By leveraging SOC Prime’s AI-Native Detection Intelligence Platform for enterprise-grade cyber defense, organizations can scale detection operations and strengthen their security posture. Register now to improve visibility into threats most relevant to your business and to accelerate response when new critical threats like CVE-2026-21643 appear.

The post CVE-2026-21643: Critical FortiClient EMS Vulnerability Enables Unauthenticated Remote Code Execution appeared first on SOC Prime.

Right after Microsoft disclosed an actively exploited Office zero-day (CVE-2026-21509) on January 26, 2026, CERT-UA reported UAC-0001 (APT28) leveraging the vulnerability in the wild. The russia-backed threat actor targeted organizations in Ukraine and the EU with malicious Office documents, and metadata shows one sample was created on January 27 at 07:43 UTC, illustrating the rapid weaponization of CVE-2026-21509.

Detect UAC-0001 aka APT28 Activity Based on the CERT-UA#19542 Alert

APT28 (UAC-0001) has a long record of conducting cyber operations aligned with russian state interests, with a persistent focus on Ukraine and its allied partners. Ukraine frequently serves as an initial testing environment for newly developed tactics, techniques, and procedures that are later scaled to broader international targets. 

The latest UAC-0001 campaign in the limelight follows the same pattern. According to CERT-UA#19542, UAC-0001 targeted Ukrainian state bodies with malicious Office documents exploiting CVE-2026-21509 to deploy the COVENANT framework. The same attack pattern was later observed against EU organizations, demonstrating rapid operational expansion beyond Ukraine.

Sign up for the SOC Prime Platform to proactively defend your organization against UAC-0001 (APT28) attacks exploiting CVE-2026-21509. Just press Explore Detections below and access a relevant detection rule stack, enriched with AI-native CTI, mapped to the MITRE ATT&CK® framework, and compatible with a wide range of SIEM, EDR, and Data Lake technologies.

Explore Detections

Security experts can also use the “CERT-UA#19542” tag based on the relevant CERT-UA alert identifier to search for the detection stack directly and track any content changes.  For more rules to detect attacks related to the UAC-0001 adversary activity, security teams can search the Threat Detection Marketplace library leveraging the “UAC-0001” or “APT28” tags based on the group identifier, as well as the relevant “CVE-2026-21509” tag addressing the Microsoft Office zero-day exploitation.

Additionally, users can refer to a dedicated Active Threats item on the UAC-0001 (APT28) latest attacks to access the AI summary, related detection rules, simulations, and the attack flow in one place.

Security teams can also rely on Uncoder AI to create detections from raw threat reports, document and optimize code, and generate Attack Flows. Additionally, cyber defenders can easily convert IOCs from the latest CERT-UA#19542 alert into performance-optimized queries compatible with your security stack.

Analyzing UAC-0001 (APT28) Attacks Exploiting CVE-2026-21509

In late January 2026, CERT-UA observed a series of targeted cyber attacks attributed to UAC-0001 (APT28) that leveraged an actively exploited Microsoft Office vulnerability tracked as CVE-2026-21509. The malicious activity emerged shortly after Microsoft publicly disclosed the flaw and was initially directed at Ukrainian government entities before expanding to organizations across the European Union.

To establish initial access, attackers distributed specially crafted Microsoft Word documents exploiting CVE-2026-21509. One document, titled “Consultation_Topics_Ukraine(Final).doc,” referenced COREPER, the Committee of Permanent Representatives of the EU, which prepares decisions and coordinates policy among EU member states. Although the file became publicly accessible on January 29, metadata analysis showed it had been created on January 27 (one day after Microsoft’s advisory), indicating rapid weaponization of the vulnerability.

In parallel, CERT-UA received reports of phishing emails impersonating official correspondence from the Ukrainian Hydrometeorological Center. These messages, sent to more than 60 recipients primarily within central executive authorities of Ukraine, contained malicious DOC attachments. When opened in Microsoft Office, the documents established a network connection to an external resource over WebDAV and downloaded a shortcut file containing code designed to retrieve and launch an executable file.

Successful execution of the downloaded payload results in the creation of a malicious DLL file, EhStoreShell.dll, masquerading as the legitimate Enhanced Storage Shell Extension library, and an image file (SplashScreen.png) containing shellcode. The attack also modifies the Windows registry path for CLSID {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}, implementing COM hijacking, and creates a scheduled task named OneDriveHealth.

Scheduled execution of the task causes the explorer.exe process to terminate and restart, which (due to the COM hijacking) ensures the loading of EhStoreShell.dll. The DLL executes shellcode from the image file, ultimately resulting in the launch of the COVENANT framework. Command-and-control communications for COVENANT relied on legitimate cloud storage infrastructure provided by Filen (filen.io).

Toward the end of January 2026, CERT-UA identified additional documents using the same exploit chain and delivery mechanisms in attacks against EU-based organizations. Technical overlaps in document structure, embedded URLs, and supporting infrastructure suggest these incidents were part of a coordinated UAC-0001 (APT28) campaign, demonstrating the rapid scaling of the operation beyond its initial Ukrainian targets.

Given the active exploitation of a Microsoft Office zero-day and the challenges many organizations face in promptly applying patches or mitigations, further abuse of CVE-2026-21509 is expected in the near term. 

To reduce the attack surface, organizations should implement the mitigation measures outlined in Microsoft’s advisory, including recommended Windows registry configurations. In addition, as UAC-0001 (APT28) leverages legitimate Filen cloud infrastructure for COVENANT command-and-control operations, network interactions with Filen-related domains and IP addresses should be restricted or placed under enhanced monitoring.

Additionally, security experts can rely on SOC Prime’s AI-Native Detection Intelligence Platform, which equips SOC teams with cutting-edge technologies and top cybersecurity expertise to stay ahead of APT28 attacks while maintaining operational effectiveness. 

MITRE ATT&CK Context

Leveraging MITRE ATT&CK offers in-depth insight into the latest UAC-0001 (APT28) attacks leveraging CVE-2026-21509 exploit to target Ukrainian and EU entities. The table below displays all relevant Sigma rules mapped to the associated ATT&CK tactics, techniques, and sub-techniques.

The post UAC-0001 (APT28) Attack Detection: russia-Backed Actor Actively Exploits CVE-2026-21509 Targeting Ukraine and the EU appeared first on SOC Prime.

Just as organizations were working to patch the Microsoft Office zero-day (CVE-2026-21509), the cybersecurity world is confronted with another serious threat. OpenSSL disclosed a high-severity stack buffer overflow issue that can trigger denial-of-service (DoS) conditions and, under specific circumstances, enable remote code execution (RCE).

Tracked as CVE-2025-15467, the vulnerability was promptly patched by the vendor alongside another 11 security bugs in the open source SSL/TLS toolkit.

OpenSSL is a widely used open-source library that powers SSL/TLS security across websites, VPNs, email servers, and apps worldwide, protecting data integrity and privacy. But with such widespread use comes the risk layer. The 2025 OSSRA Report states that 86% of commercial codebases contained open-source vulnerabilities, 81% of them high or critical.

Sign up for the SOC Prime Platform to access the global Active Threats feed, providing real-time detection intelligence and ready-to-use detection rules for emerging risks, including open-source software vulnerabilities. Click Explore Detections to view the full detection library and filter by “CVE” for proactive defense.

Explore Detections

All rules are compatible with multiple SIEM, EDR, and Data Lake platforms and are mapped to the MITRE ATT&CK® framework. Each rule includes CTI links, attack timelines, audit settings, and triage guidance.

Cyber defenders can also use Uncoder AI to empower their detection engineering workflows. Generate detection algorithms from raw threat reports, enable fast IOC sweeps, predict ATT&CK tags, optimize query code with AI tips, and translate it across multiple SIEM, EDR, and Data Lake languages.

CVE-2025-15467 Analysis

According to the OpenSSL advisory released on January 27, CVE-2025-15467 impacts the handling of Cryptographic Message Syntax (CMS) AuthEnvelopedData structures within OpenSSL’s cryptographic library. Specifically, it arises from a stuck buffer overflow during the parsing of CMS AuthEnvelopedData when processing maliciously crafted AEAD parameters.

“When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination,” OpenSSL explains.

As a result, the flaw allows an attacker to supply a specially crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag checks are performed.

Any application or service that processes untrusted CMS or PKCS#7 content with AEAD ciphers (such as S/MIME AuthEnvelopedData using AES-GCM) is at risk. The vulnerability is particularly concerning because the overflow occurs before authentication, meaning an attacker does not need valid key material to exploit it.

OpenSSL versions 3.0 through 3.6 are affected, while 1.1.1 and 1.0.2 remain safe. Users should update to the 3.6.1, 3.5.5, 3.4.4, 3.3.6, and 3.0.19 patched releases, depending on their version.

Notably, CVE-2025-15467 may be exploited to achieve remote code execution. While the success of such attacks depends on platform-specific conditions and compiler-level protections, the presence of a stack buffer overflow significantly lowers the barrier to exploitation, requiring immediate patching. 

Enhancing proactive cybersecurity strategies is crucial for organizations to reduce the risks of vulnerability exploitation. By leveraging SOC Prime’s complete product suite for enterprise-ready cyber defense backed by top expertise and AI, and built on zero-trust milestones, global organizations can future-proof defenses at scale and strengthen their security posture.

The post CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution appeared first on SOC Prime.

The year 2026 has started with an avalanche of zero-day vulnerabilities, causing a menace for cyber defenders. Right after Microsoft Office zero-day (CVE-2026-21509) and a critical flaw in Cisco products (CVE-2026-20045) that were repeatedly exploited for in-the-wild attacks, Fortinet has disclosed another serious issue, immediately drawing the attention of threat actors.

Identified as CVE‑2026‑24858, the FortiCloud SSO flaw enables attackers who have a FortiCloud account and a registered device to circumvent authentication and gain access to other devices associated with different accounts whenever SSO is activated.

Overall, the 2025 Verizon Data Breach Investigations Report (DBIR) highlights a 34% surge in vulnerability exploitation, accounting for 20% of all breaches last year. Notably, the median time for vulnerabilities to be mass-exploited is shrinking, making zero-days a new normal as large-scale exploitation frequently breaks out before the official CVE publication date.

Join the SOC Prime Platform, the world’s largest hub of Detection Intelligence, providing a complete pipeline from threat detection to simulation to enhance your SOC operations and proactively defend against APTs, exploitation campaigns, and advanced cyber threats. Click Explore Detections to access a curated, context-rich collection of detection rules addressing vulnerability exploitation, filtered by the relevant CVE tags.

Explore Detections

All rules are mapped to the latest MITRE ATT&CK® framework v18.1 and are compatible with multiple SIEM, EDR, and Data Lake platforms. Additionally, each rule is enriched with broad metadata, including CTI references, attack flows, audit configurations, and more.

Cyber defenders can also use Uncoder AI to empower their detection engineering workflows. Turn raw threat reports into actionable behavior rules, test your detection logic, map out attack flows, turn IOCs into hunting queries, or instantly translate detection code across languages backed by the power of AI and deep cybersecurity expertise behind every step.

CVE-2026-24858 Analysis

In late January 2026, Fortinet disclosed CVE‑2026‑24858, a critical flaw in FortiOS, FortiManager, and FortiAnalyzer that allows attackers to bypass FortiCloud single sign-on (SSO) and access devices linked to other accounts. The vulnerability leverages an alternate path or channel, creating a risk for any system where SSO is active.

FortiCloud SSO is not automatically enabled on new devices, but it can be turned on when administrators register hardware to FortiCare via the GUI. Unless the registration toggle for “Allow administrative login using FortiCloud SSO” is manually disabled, SSO becomes active, which may expose devices to exploitation.

The vulnerability was actively targeted in the wild by at least two malicious FortiCloud accounts, which were blocked on January 22, 2026. To reduce risk, Fortinet temporarily suspended FortiCloud SSO on January 26 and restored it the next day only on devices that had been patched. Users are strongly advised to update their firmware to the latest version to safely continue using SSO authentication. FortiWeb and FortiSwitch Manager are also being evaluated for related security concerns.

This disclosure follows a series of attacks in which unknown threat actors abused a “new attack path” to bypass FortiCloud SSO authentication without credentials. On January 20, 2026, multiple Fortinet clients reported that attackers had gained access to their FortiGate firewalls and created new local admin accounts despite the systems running the most recent FortiOS updates. These devices had already patched CVE‑2025‑59718 and CVE‑2025‑59719, previous vulnerabilities that allowed SSO bypass through specially crafted SAML messages on internet-exposed devices. Fortinet confirmed that these recent breaches were caused by the newly discovered CVE‑2026‑24858, underlining the ongoing risk of authentication bypass in FortiCloud SSO-enabled devices.

Due to its critical nature, CVE‑2026‑24858 has been assigned a CVSS score of 9.4 and included in CISA’s Known Exploited Vulnerabilities catalog, with remediation required for all Federal Civilian Executive Branch (FCEB) agencies by January 30, 2026.

Fortinet strongly recommends that all affected users immediately update their FortiOS, FortiManager, and FortiAnalyzer devices to the latest patched versions and follow the mitigation steps described in the advisory. Additionally, SOC teams can strengthen their defenses by leveraging SOC Prime’s AI-Native Detection Intelligence Platform, which provides access to the largest and most up-to-date repository of detection content. The platform enables teams to integrate a full pipeline from detection to simulation, orchestrate workflows using natural language, and navigate the constantly evolving threat landscape while enhancing security at scale.

The post CVE-2026-24858: FortiOS SSO Zero-Day Exploited in the Wild appeared first on SOC Prime.

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features. 

In view of the exploitation cases confirmed by Microsoft, the flaw has been promptly added to the CISA’s Known Exploited Vulnerabilities (KEV) catalog, requiring US federal civilian agencies to patch it by February 16, 2026. 

Microsoft products continue to be a juicy target for zero-day exploits, with 41 vulnerabilities identified as zero-days last year, 24 of which were leveraged for in-the-wild attacks, according to Tenable. The Windows operating system and Office components remain the primary attack vectors, with this trend persisting into 2026.  

Sign up for SOC Prime Platform, aggregating the world’s largest detection intelligence dataset and offering a complete product suite that empowers SOC teams to seamlessly handle everything from detection to simulation. The Platform features a large collection of rules addressing critical exploits and cyber threats of any sophistication. Just press Explore Detections and immediately drill down to a relevant detection stack filtered by “CVE” tag.

Explore Detections

All rules are mapped to the latest MITRE ATT&CK® framework v18.1 and are compatible with multiple SIEM, EDR, and Data Lake platforms. Additionally, each rule comes packed with broad metadata, including CTI references, attack flows, audit configurations, and more.

Cyber defenders can also use Uncoder AI to streamline their detection engineering routine. Turn raw threat reports into actionable behavior rules, test your detection logic, map out attack flows, turn IOCs into hunting queries, or instantly translate detection code across languages backed by the power of AI and deep cybersecurity expertise behind every step.

CVE-2026-21509 Analysis

On January 26, 2026, Microsoft issued an advisory detailing a security feature bypass vulnerability affecting Microsoft Office 2016, Microsoft Office 2019, Microsoft Office LTSC 2021, Microsoft Office LTSC 2024, and Microsoft 365 Apps for Enterprise.

The security issue arises from Microsoft Office’s reliance on untrusted inputs in security decisions. This allows unauthenticated local hackers to bypass a security feature. Specifically, CVE-2026-21509 allows threat actors to bypass OLE mitigations in Microsoft 365 and Office, exposing users to vulnerable COM/OLE controls. 

Exploitation typically involves convincing a user to open a malicious Office file sent by the attacker. While Microsoft notes that the Preview Pane is not directly an attack vector, the vulnerability can still be abused through low-complexity, user-interaction attacks.

Microsoft credits its internal cybersecurity research teams for vulnerability disclosure, sharing very little information on the exploitation cases. Security advisory only confirms exploitation attempts in the wild. Yet, a public PoC exploit is not available, suggesting that a limited number of threat actors might have leveraged the flaw in targeted campaigns. 

Notably, Office 2021 and later users are automatically protected through a service-side fix after restarting the applications. Office 2016 and 2019 require either installing the upcoming security update or manually applying a registry change to block vulnerable COM/OLE controls. This involves adding a specific subkey under the COM Compatibility registry node and setting a Compatibility Flags DWORD value to 400. Users should back up the registry before making any changes and restart Office for the protections to take effect.

Organizations that rely on corresponding Microsoft Office products are urged to apply the patches immediately or follow the mitigation steps described in the advisory. Also, by enhancing the defenses with SOC Prime’s AI-Native Detection Intelligence Platform, SOC teams can source detection content from the largest and up-to-date repository, seamlessly adopt the full pipeline from detection to simulation into their security processes, orchestrate workflows in their natural language, and smoothly navigate the ever-changing threat landscape while strengthening defenses at scale.

The post CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch appeared first on SOC Prime.

Update (January 28, 2026): This article has been updated to feature a dedicated detection rule set focused on CVE-2026-24061 exploitation. Dive into the threat overview and access the updated rule collection, which now contains 5 content items.

A new day, a new challenge for cyber defenders. Right after the disclosure of a nasty zero-day vulnerability in Cisco’s unified communication management products (CVE-2026-20045), security researchers spotted a novel bug that had gone unnoticed for 11 years. A critical authentication bypass issue (CVE-2026-24061) affects the GNU InetUtils telnet daemon (telnetd), enabling remote attackers to elevate their privileges to root on the affected system.

Detect CVE-2026-24061 Exploitation Attempts

Researchers from the threat intelligence company GreyNoise observe that more than 20 unique IPs attempted to proceed with auth bypass attacks by exploiting CVE-2026-24061 over the last day. 

Register for the SOC Prime Platform to access the world’s largest real-time detection intelligence collection, backed by a comprehensive product suite supporting everything from detection to simulation. Click Explore Detections and immediately drill down to a content stack addressing CVE-2026-24061 exploitation attempts.

Explore Detections

For those interested in exploring the full set of rules and queries related to vulnerability exploitation, our extensive library of Sigma rules is available for browsing with a dedicated “CVE” tag.

All the rules are compatible with 40+ SIEM, EDR, and Data Lake platforms and are mapped to the MITRE ATT&CK® framework v18.1. Additionally, each rule comes packed with broad metadata, including CTI references, attack flows, audit configurations, and more.

Security professionals can also leverage Uncoder AI to streamline their detection engineering efforts. Generate behavior rules from raw threat reports, validate detection logic, visualize Attack Flow, convert IOCs into hunting queries, or instantly translate detection code across multiple languages – all in one place.

CVE-2026-24061 Analysis

A newly disclosed simple argument injection vulnerability in the GNU InetUtils telnetd enables threat actors to bypass authentication using “-f root” value in the USER environment variable. Consequently, an unauthenticated remote attacker might get access to instances running the affected teltetd services and escalate privileges to root. Successful exploitation may allow hackers to access sensitive data, modify system configurations, and execute arbitrary commands, potentially leading to full system compromise.

According to the security advisory, the issue occurs because the telnetd service invokes /usr/bin/login, which typically runs with root privileges, and passes the USER environment variable supplied by the client as an argument without proper sanitization. By supplying the value “-f root” and using the telnet -a or --login option, the attacker causes login to skip standard authentication checks, resulting in an automatic root login.

The vulnerability was introduced by a source code change committed in March 2015 and first appeared in GNU InetUtils version 1.9.3. Remaining undetected for more than 11 years, the flaw affects all GNU InetUtils releases from version 1.9.3 through version 2.7, inclusive.

Users still running telnetd should install the upgrade as soon as possible. To mitigate the risks, security experts advise restricting telnet port access to trusted clients only. As temporary measures, users can also disable the telnetd server entirely or configure it to use a custom login utility that blocks the -f parameter, preventing unauthorized root logins.

Also, to always stay ahead of emerging threats, rely on SOC Prime’s AI-Native Detection Intelligence Platform, which equips SOC teams with cutting-edge technologies for threat detection and hunting.

The post CVE-2026-24061 Detection: Decade-Old Vulnerability in GNU InetUtils telnetd Enables Remote Root Access appeared first on SOC Prime.

Hot on heels of the DoS vulnerability in Palo Alto Networks’ GlobalProtect (CVE-2026-0227), security professionals are facing another major challenge. This time, Cisco announced that several of its unified communications products are affected by a critical remote code execution (RCE) vulnerability. If successfully exploited, the flaw enables hackers to execute malicious commands on the underlying OS of the device. CVE-2026-0227 was quickly spotted by the malicious actors, with Cisco noting attempts to exploit the vulnerability for in-the-wild attacks.

This latest RCE adds to an already concerning list of high-impact vulnerabilities in Cisco products disclosed at the end of last year. These include RCE flaws in Cisco ISE and SE-PIC (CVE-2025-20281, CVE-2025-20282), as well as a critical zero-day in its AsyncOS Software (CVE-2025-20393). 

The increasing frequency of zero-day exploitation, combined with shrinking patch windows, is putting unprecedented pressure on SOC teams. According to the 2025 Verizon Data Breach Investigations Report, breaches originating from vulnerability exploitation increased by 34% year over year. This sharp rise underscores more proactive, defense-in-depth strategies, since reactive patching alone no longer seems sufficient.

Sign up for SOC Prime Platform, offering the world’s largest detection Intelligence dataset and covering a full pipeline from detection to simulation to take your SOC to the next level and proactively thwart APT attacks, exploitation campaigns, and cyber threats of any scale and sophistication. Press Explore Detections to reach a comprehensive context-enriched rule set addressing critical exploits, filtered by the corresponding “CVE” tag.

Explore Detections

All detection rules can be used across multiple SIEM, EDR, and Data Lake platforms and are aligned with the latest  MITRE ATT&CK® framework v18.1. Explore AI-native threat intelligence, including CTI references, attack timelines, audit configurations, triage recommendations, and more threat context each rule is enriched with.

Security teams can also leverage Uncoder AI to accelerate end-to-end detection engineering, including automatically generating rules from live threat reports, refining and validating logic, visualizing Attack Flows, converting IOCs into custom hunting queries, and instantly translating detection code across multiple languages.

CVE-2026-20045 Analysis

On January 21, 2026, Cisco patched a critical code injection vulnerability stemming from improper validation of user-supplied input in HTTP requests. The advisory details that threat actors might exploit the flaw by sending a set of crafted HTTP requests to the web-based management interface of the targeted instance. Upon exploitation, the hackers obtain user-level access to the operating system and can elevate their privileges to root.

According to the vendor, Unified CM, Unified CM Session Management Edition (SME), Unified CM IM & Presence Service (IM&P), Unity Connection, and Webex Calling Dedicated Instance are found vulnerable. In view of no workarounds being available, while in-the-wild exploitation is ongoing, Cisco urges users to apply patches immediately. 

Notably, CVE-2026-20045 has been promptly added to the CISA’s Known Exploited Vulnerabilities (KEV) catalog. Federal agencies are now required to apply the corresponding updates no later than February 11, 2026, highlighting the urgency of remediation.

The fast-moving exploitation of CVE-2026-20045 suggests a rising risk of follow-on attacks against organizations worldwide. To minimize the risks of exploitation attempts, rely on SOC Prime’s AI-Native Detection Intelligence Platform, which equips SOC teams with cutting-edge technologies and top cybersecurity expertise to stay ahead of emerging threats while maintaining operational effectiveness.

The post CVE-2026-20045: Critical Zero-Day in Cisco Products Is Actively Exploited in the Wild appeared first on SOC Prime.

Shortly after Microsoft’s massive January Patch Tuesday release addressing the CVE-2026-20805 zero-day vulnerability in Windows Desktop Window Manager, another technology giant has issued a security fix. This time, Palo Alto Networks has warned of a high-severity flaw affecting its GlobalProtect Gateway and Portal, noting that a proof-of-concept (PoC) exploit is available.

GlobalProtect is Palo Alto Networks’ VPN and secure remote-access platform. It enables users to safely connect to their organization’s network by directing traffic through a Palo Alto firewall, which enforces the same security policies and protections used within the corporate network.

The issue, tracked as CVE-2026-0227, is a denial-of-service (DoS) vulnerability in GlobalProtect PAN-OS software caused by an improper check for exceptional conditions. This vulnerability allows an unauthenticated attacker to disrupt the firewall, with repeated exploitation potentially forcing the device into maintenance mode.

To help security teams quickly detect and respond to threats like CVE-2026-0227, quick access to the relevant detection intelligence and rules is essential. SOC Prime’s AI-Native Detection Intelligence Platform empowers SOC teams with advanced technologies and expert cybersecurity insights to proactively counter threats and strengthen organizational resilience. By clicking Explore Detections, users gain access to a comprehensive library of detection content addressing vulnerability exploitation, easily filtered using the custom “CVE” tag.

Explore Detections

Detections from this dedicated rule set are compatible with multiple SIEM, EDR, and Data Lake platforms and fully mapped to the latest MITRE ATT&CK® framework v18.1. Security teams can also leverage Uncoder AI to accelerate end-to-end detection engineering, including automatically generating rules from live threat reports, refining and validating logic, visualizing Attack Flows, converting IOCs into custom hunting queries, and instantly translating detection code across multiple languages.

CVE-2026-0227 Analysis

On January 14, 2026, Palo Alto Networks published an advisory warning users about a high-severity vulnerability that could allow unauthenticated attackers to disable firewall protections through denial-of-service (DoS) attacks.

Tracked as CVE-2026-0227 with a CVSS score of 7.7, this security flaw affects next-generation firewalls running PAN-OS 10.1 or later and Palo Alto Networks’ Prisma Access configurations when the GlobalProtect gateway or portal is enabled. According to the company, most cloud-based Prisma Access instances have already been patched, while the remaining systems are scheduled for updates.

Shadowserver notes that nearly 6,000 Palo Alto Networks firewalls are currently exposed online, though it remains unclear how many are still vulnerable or have already been secured. At the time of the advisory, Palo Alto Networks reported no evidence of active exploitation, but noted that a proof-of-concept (PoC) exploit already exists.

Flaws like CVE-2026-0227 are particularly dangerous because they allow attackers to disrupt critical firewall protections without authentication, potentially exposing organizations to follow-on attacks or network compromise. Immediate patching is essential to prevent service outages and reduce the risk of subsequent intrusions. Rely on the SOC Prime Platform to reach ​​the world’s largest detection intelligence dataset, adopt an end-to-end pipeline that spans detection through simulation while streamlining security operations and speeding up response workflows, reduce engineering overhead, and always stay ahead of emerging threats. 

The post CVE-2026-0227: Palo Alto Networks Fixes GlobalProtect DoS Flaw Allowing Remote Firewall Disruption appeared first on SOC Prime.