Cyber Briefing: 2026.02.13
State hackers abuse Gemini for recon, Notepad RCE patched, malicious Chrome extension steals 2FA data, major healthcare and telecom breaches disclosed.
👉 What are the latest cybersecurity alerts, incidents, and news?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. State Hackers Use Gemini AI For Attacks
Google recently revealed that North Korean cyber actors under the UNC2970 moniker are utilizing Gemini to automate target profiling and streamline their long-running phishing campaigns. By synthesizing open-source intelligence and researching specific defense industry job roles, these hackers are effectively blurring the line between professional research and malicious reconnaissance to accelerate their attack cycles.
2. Windows 11 Notepad Lets Files Run Silently
Microsoft recently patched a high-severity security flaw in the Windows 11 Notepad application that enabled remote code execution through malicious Markdown links. Attackers could exploit this vulnerability to run unauthorized programs on a victim’s system without triggering standard Windows security warnings.
3. Malicious Chrome Extensions Steal Data
Security researchers have identified a deceptive Google Chrome extension called CL Suite that targets Meta Business Suite and Facebook Business Manager accounts. Although it claims to offer legitimate data scraping and security features, the tool secretly exfiltrates two-factor authentication codes and sensitive business contact lists to a remote server.
💥 Cyber Incidents
4. ApolloMD Breach Impacts 626,540 People
A cyberattack on the healthcare services provider ApolloMD in May 2025 resulted in the theft of personal and medical data belonging to over 626,000 patients. The breach, which was later claimed by the Qilin ransomware group, compromised sensitive information ranging from treatment records to Social Security numbers for individuals treated by ApolloMD’s affiliated physicians.
5. Odido Announces Data Breach
The Netherlands’ leading mobile provider, Odido, recently disclosed a major cyberattack that resulted in the theft of personal data from 6.2 million customers. While the breach involved sensitive information like bank accounts and ID numbers, the company confirmed that its daily operations remain unaffected and the unauthorized access has been blocked.
6. Ransomware Halts Payments For BTU Customers
Bryan Texas Utilities customers are entering their sixth day of payment disruptions following a ransomware attack on BridgePay, the utility’s third-party processor. While the outage prevents thousands of residents from using credit or debit cards for online billing, officials confirm that sensitive personal data remains secure through tokenization.
📢 Cyber News
7. Bitwarden Launches Cupid Vault Feature
Bitwarden has introduced Cupid Vault, a new feature that enables free users to securely share passwords with a trusted partner or contact through a two-person organizational space. This system utilizes end-to-end encryption and fingerprint phrase verification to ensure that shared credentials remain protected from outside interference while remaining separate from a user’s personal vault.
8. Leaked Files Show China Rehearsing Cyberattacks
Leaked technical documents reveal that China is utilizing a covert training platform to simulate cyberattacks against the critical infrastructure of neighboring nations. These internal files provide a rare look into the preparatory stages of offensive digital operations, focusing on replicating the real-world network environments of strategic targets.
9. Epstein-Linked Hacker Removed From Black Hat
Vincenzo Iozzo, a prominent cybersecurity expert recently linked to Jeffrey Epstein through Department of Justice documents, has been removed from the official review board listings of major industry conferences Black Hat and Code Blue. Iozzo, who has held his position on the Black Hat board since 2011, recently stated he would not resign voluntarily and has called for a full investigation into the matter.
📈 Cyber Stocks
Cybersecurity stock performance on Friday, 13 February 2026 showed broad sector softness alongside wider market volatility, with rotation out of high-beta tech names and profit-taking in growth segments.
Palo Alto Networks Inc closed near 162.81 dollars and was lower, as platform and cloud security valuations felt pressure amid broader tech weakness.
Crowdstrike Holdings Inc finished around 411.54 dollars and moved down, reflecting profit-taking in cloud-native endpoint and identity protection stocks.
Okta Inc closed at 84.91 dollars and declined, with identity and access management names tracking sector rotation.
Zscaler Inc ended near 170.90 dollars and was slightly lower, as zero-trust cloud security equities followed broader tech sentiment.
Fortinet Inc closed around 84.26 dollars and moved down, despite outperforming some peers recently on relative earnings resilience.
💡 Cyber Tip
🧩 Malicious Chrome Extension Steals Business Data
Researchers uncovered a Chrome extension called CL Suite that targets Meta Business Suite and Facebook Business Manager accounts. Marketed as a productivity and analytics tool, it secretly exfiltrates two-factor authentication codes, TOTP seeds, and detailed business contact data to attacker-controlled servers.
🛠️ What You Should Do
Remove the CL Suite extension immediately if installed
Review all Chrome extensions with access to Meta or Facebook accounts
Rotate passwords and reconfigure MFA for affected business accounts
Audit business users, roles, and linked ad accounts for suspicious changes
Restrict extension installation on corporate browsers
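One way to carry out the extension review step, as an added example that is not part of the original briefing: the script reads each manifest.json under a Chrome profile's Extensions folder and lists the extensions whose host patterns cover Meta domains. The watched domain list, the sample extension IDs and the sample manifests are constructed assumptions.

```python
import json, tempfile
from pathlib import Path
WATCHED = ("facebook.com", "meta.com")  # assumption: domains treated as Meta business surfaces
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def pattern_covers(pattern, domain):
    """True if a Chrome match pattern applies to `domain` or one of its subdomains."""
    if pattern in BROAD:
        return True
    if "://" not in pattern:
        return False  # API permission such as "storage", not a host pattern
    host = pattern.split("://", 1)[1].split("/", 1)[0].removeprefix("*.")
    return host == domain or host.endswith("." + domain)

def host_patterns(manifest):
    """Host patterns from MV2 permissions, MV3 host permissions and content scripts."""
    pats = []
    for key in ("permissions", "host_permissions", "optional_host_permissions"):
        pats += manifest.get(key, [])
    for script in manifest.get("content_scripts", []):
        pats += script.get("matches", [])
    return [p for p in pats if isinstance(p, str)]

def audit_profile(extensions_dir):
    """Map extension id -> name and patterns for extensions that can reach WATCHED domains."""
    findings = {}
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        manifest = json.loads(path.read_text(encoding="utf-8"))
        hits = sorted({p for p in host_patterns(manifest) for d in WATCHED if pattern_covers(p, d)})
        if hits:
            findings[path.parts[-3]] = {"name": manifest.get("name", "?"), "patterns": hits}
    return findings

def build_sample_profile(root):
    """Write constructed manifests (not real extensions) as <id>/<version>/manifest.json."""
    samples = {
        "aaaaexampleid": {"name": "Sample Ads Helper", "host_permissions": ["https://business.facebook.com/*"]},
        "bbbbexampleid": {"name": "Sample Notes", "host_permissions": ["https://notes.example/*"]},
        "ccccexampleid": {"name": "Sample Toolbar", "permissions": ["tabs", "<all_urls>"]},
    }
    for ext_id, manifest in samples.items():
        folder = Path(root) / ext_id / "1.0.0"
        folder.mkdir(parents=True)
        (folder / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(audit_profile(build_sample_profile(tmp)))
```

Extensions flagged only through a broad pattern such as `<all_urls>` can read Meta pages as well, so they belong in the same review as those that name the domains explicitly.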
⚠️ Why This Matters
Stealing MFA seeds allows attackers to bypass two-factor authentication even without a password. Combined with harvested business contact data, this can enable account takeovers, ad fraud, and targeted phishing against high-value company personnel.
📚 Cyber Book
Phishing Prevention Guide by Ravi Rajput
Copyright © 2026 CyberMaterial. All Rights Reserved.