Cybersecurity Weekly Update
Key Highlights: EU Bans AI Tools, Notepad++ Secures Updater, and Apple Fixes iOS Zero-Day
By Pooja Tikekar, February 19, 2026
In the latest cybersecurity developments, Cambodia has taken significant action against online fraud, while the European Parliament has suspended AI tools over privacy concerns. Canada Goose is addressing a data leak, and Notepad++ has patched vulnerabilities in its updater. Additionally, Apple has resolved a long-standing zero-day issue in iOS, and other critical vulnerabilities have emerged affecting various tech firms.
Cambodia’s crackdown on online fraud has led to the closure of nearly 200 scam centers and the detention of 11,000 foreign nationals, primarily linked to transnational online criminal organizations. The Ministry of Information reported that this enforcement is part of a broader initiative to address rampant online fraud. Notably, high-profile figures, including Chen Zhi, founder of the Prince Holding Group, have been arrested following U.S. Department of Justice indictments. These scam operations, engaging in romance and investment fraud, exploit trafficked and coerced workers, reportedly generating billions in profit yearly.
The European Parliament has responded to rising cybersecurity threats by disabling built-in AI tools on devices used by lawmakers. Citing concerns over data security, particularly related to AI features that send information to external cloud servers, IT officials have advised members to adopt similar precautions on personal devices. This move aligns with ongoing discussions within the EU aimed at enhancing digital sovereignty and data protection.
In a separate incident, Canada Goose is contesting the authenticity of a dataset claimed to have been leaked by the ShinyHunters data extortion group. The retailer asserts that its preliminary investigation reveals no evidence of a breach, attributing the exposed data to a historical transaction archive instead. This case illustrates growing concerns about supply chain vulnerabilities as other organizations, such as Harvard University, face similar data theft challenges.
Notepad++ has released a new security update designed to remedy vulnerabilities identified in its update mechanism, which had previously been exploited as part of a supply chain attack. The introduction of a “double-lock” verification system aims to ensure both the integrity of the updater and the authenticity of the software it deploys. This move follows an increased emphasis on securing software supply chains across the industry.
In threats targeting corporate entities, “Operation DoppelBrand,” a phishing campaign attributed to an actor known as GS7, has been active, aiming its efforts at Fortune 500 companies. Utilizing cloned banking and technology portals, this operation highlights the risks of credential theft and unauthorized remote access. The attackers have exploited a variety of tactics detailed in the MITRE ATT&CK Matrix, including initial access through phishing and persistence via implanted remote access tools.
Moreover, Apple has disclosed a critical vulnerability affecting the dynamic linker editor used in its iOS systems, which has remained unpatched for decades. Exploited in a sophisticated attack targeting high-value individuals, this flaw could allow attackers to circumvent security protocols by executing arbitrary code. Apple has acted to patch this vulnerability in its most recent iOS update.
Lastly, BeyondTrust has issued emergency security patches for a critical remote code execution vulnerability in its Remote Support products that is currently under active exploitation. This vulnerability, given its high severity score, underscores the ongoing risk faced by providers of privileged access management solutions. Additionally, Dell has addressed a zero-day flaw in its RecoverPoint for virtual machines, which had been leveraged since 2024 by a suspected Chinese hacking group.
As cybersecurity threats continue to evolve, business owners must remain vigilant about potential vulnerabilities and the latest defenses to protect their organizations.