Kaspersky researchers disclosed a supply chain attack targeting Notepad++ text editor update infrastructure that operated from July through October 2025. On February 2, 2026, Notepad++ developers announced their update infrastructure was compromised due to a hosting provider breach from June to September 2025, with attackers maintaining access until December 2025. The campaign targeted approximately a dozen machines belonging to individuals in Vietnam, El Salvador, and Australia, along with government, financial, and IT service provider organizations. Attackers continuously changed their attack methods, server addresses, and malware throughout the operation. Three infection chains were identified: Chain 1 ran from late July through early August using fake update files that collected system information and uploaded it to temp[.]sh before deploying Cobalt Strike backdoor through exploitation of old ProShow software vulnerabilities. Chain 2 operated from mid-September through late September with modified update files that expanded information collection and used legitimate Lua interpreter software to load and execute malicious code, also delivering Cobalt Strike. Chain 3 deployed in October using standard malware installation techniques to drop the Chrysalis backdoor, with Rapid7 observing additional Cobalt Strike deployment. Attackers rotated between different domains including cdncheck.it[.]com, self-dns.it[.]com, safe-dns.it[.]com, and api.wiresguard[.]com throughout the campaign.

Impact: The compromise of Notepad++ update infrastructure enabled targeted attacks against high-profile organizations worldwide through a trusted software distribution channel. Attackers demonstrated sophistication by drastically changing infection chains monthly to evade detection while spreading implants in a targeted manner. The deployment of multiple payloads including Cobalt Strike Beacon and Chrysalis backdoor provided persistent remote access for espionage and data theft operations. Chain 3’s execution techniques match patterns associated with Chinese-speaking threat actors. The targeted nature of infections affecting government, financial, and IT service provider organizations suggests intelligence collection objectives.

Recommendation: Organizations using Notepad++ should verify software integrity and investigate systems for compromise indicators. Review network traffic for DNS resolutions to temp[.]sh domain and HTTP requests with temp[.]sh URLs embedded in User-Agent headers. Hunt for suspicious command sequences including whoami, tasklist, systeminfo, and netstat -ano executed in rapid succession. Block identified malicious domains. Search for files dropped to %appdata%\ProShow, %APPDATA%\Adobe\Scripts, and %appdata%\Bluetooth directories. Monitor for LOLC2 service connections, local reconnaissance command sequences, and persistence through Windows Registry Run keys.

VirusTotal disclosed that it has detected hundreds of OpenClaw skills exhibiting malicious characteristics, describing the ecosystem as a growing supply-chain attack surface for distributing droppers, backdoors, infostealers, and remote access tools disguised as automation. The activity was reported on February 2, 2026, in the VirusTotal Blog, based on VirusTotal Code Insight analysis of OpenClaw skill packages, including ZIP files, distributed through the OpenClaw skills ecosystem. The reported abuse relies on skills acting as social-engineering wrappers rather than embedding overtly malicious code. Skill documentation instructs users to paste commands into a shell, download password-protected archives, execute binaries, or run obfuscated scripts that retrieve and execute additional payloads from external sources. VirusTotal notes that traditional security tools may not flag the initial skill packages because the malicious behavior is defined by the execution workflow described in SKILL.md rather than by code contained in the skill itself.

Impact: Organizations using OpenClaw skills may be exposed to endpoint compromise if users install community-provided skills that require executing downloaded binaries or shell commands. Because the initial skill packages can appear benign and evade traditional file-based detection, this technique increases the likelihood of malware installation, data theft, or unauthorized remote access on systems where OpenClaw agents are deployed.

Recommendation: Recommendations include restricting who can install or modify OpenClaw skills and treating skill directories as trusted code locations, preferring sandboxed or isolated execution of agents, and avoiding deployment of agents on systems with sensitive credentials unless strong isolation controls are in place. Be skeptical of skills that require pasting shell commands or executing externally downloaded binaries, and consider implementing internal scanning or approval processes to identify skills that include remote execution steps, obfuscated scripts, or other behaviors designed to bypass user oversight.

Zscaler ThreatLabz identified Operation Neusploit in January 2026, a campaign attributed to Russia-linked APT28 with high confidence, targeting users in Central and Eastern European countries including Ukraine, Slovakia, and Romania. The campaign weaponizes specially crafted Microsoft RTF files exploiting CVE-2026-21509 to deliver malicious backdoors through a multi-stage infection chain. Microsoft released an out-of-band patch on January 26, 2026, with ThreatLabz observing active exploitation on January 29, 2026. Social engineering lures were crafted in English and localized languages including Romanian, Slovak, and Ukrainian to target users in respective countries. The threat actor employed server-side evasion, responding with malicious DLL payloads only when requests originated from targeted geographic regions and included correct User-Agent HTTP headers. ThreatLabz identified two dropper variants deployed after successful CVE-2026-21509 exploitation. Variant 1 deploys MiniDoor, a lightweight Outlook VBA-based email stealer that modifies registry keys to enable all macros, disable content download warnings, and load the malicious VBA project automatically on Outlook startup. Variant 2 deploys PixyNetLoader, which establishes persistence through COM object hijacking by replacing EhStoreShell.dll with a malicious version that loads in explorer.exe. PixyNetLoader drops two files onto the victim’s system: a loader and an image file that appears to be a normal PNG but secretly contains hidden malicious code embedded within the pixel data. When the loader runs, it extracts the hidden code from the image, loads it directly into memory without writing it to disk, and executes it.

Impact: The campaign enables email theft and persistent backdoor access across government and private sector organizations in Central and Eastern Europe. MiniDoor provides continuous email exfiltration, capturing both existing and newly received messages across multiple mailbox folders while actively suppressing forensic evidence by deleting sent copies. PixyNetLoader’s Covenant Grunt implant provides full command-and-control capability through legitimate API abuse, with persistence mechanisms surviving system restarts through COM hijacking and scheduled task execution. The campaign’s use of localized language lures and geographic server-side filtering demonstrates targeted operations tailored to specific regional victims. Attribution links to APT28 through shared tooling with NotDoor, Filen API abuse patterns matching Operation Phantom Net Voxel, and overlapping techniques including COM hijacking and PNG steganography.

Recommendation: Organizations should apply Microsoft’s out-of-band patch for CVE-2026-21509 and block connections to identified malicious domains. Monitor for scheduled tasks named OneDriveHealth and files dropped to paths mimicking Microsoft OneDrive setup cache or USOPublic directories. Detect PNG files in unexpected locations that may contain steganographic payloads. Implement email security controls detecting forwarding rules to external addresses and unusual attachment patterns.