![Cybersecurity News | Daily Recap [23 Feb 2026]](https://www.hendryadrian.com/tweet/image/DailyRecap.png "Cybersecurity News | Daily Recap [23 Feb 2026]")
Daily Recap, CISA warns that two patched Roundcube Webmail flaws (CVE-2025-49113 and CVE-2025-68461) are actively exploited, prompting federal agencies to patch within three weeks and exposing tens of thousands of internet-facing instances tied to Winter Vivern (TA473) and APT28. Arkanix Stealer has emerged as a short-lived, AI-assisted info-stealer with modular Python and protected C++ builds that exfiltrated data from browsers, wallets, messengers, and games, while researchers published IoCs and a threat-research hub tracks a Weekly Recap for 22 Feb 2026. #WinterVivern #ArkanixStealer
Vulnerabilities & Exploits
- CISA warned that two recently patched Roundcube Webmail flaws β CVE-2025-49113 and CVE-2025-68461 β are being actively exploited, ordered U.S. federal agencies to patch within three weeks, and noted tens of thousands of internet-exposed instances with links to groups like Winter Vivern (TA473) and APT28 β Roundcube flaws
Malware & Info-stealers
- Arkanix Stealer surfaced as a short-lived, likely LLM-assisted infoβstealer offering modular Python and protected C++ builds that stole data from browsers, wallets, messengers and games, ran a Discord/referral program, had IoCs published by researchers, and was abruptly taken down two months after launch β Arkanix Stealer
Research & Recaps
- A threat-research hub maintains a running page of daily summaries and analyses including the Weekly Recap for 22 Feb 2026 β Weekly recap