Cybersecurity Developments from Mid-February 2026

The video covers multiple cybersecurity developments from mid-February 2026. Microsoft’s Windows 11 Notepad was found vulnerable to CVE-2026-2841 (CVSS 7.8), allowing local code execution via malicious Markdown links exploiting improper URI handling. Discord announced facial-based age verification starting March 2026, using on-device processing to estimate age without storing selfies or associating identities with accounts. Researchers at ETH Zurich tested Bitwarden, LastPass, and Dashlane, identifying 12, 7, and 6 attack vectors respectively under simulated server compromises, with Bitwarden and LastPass vulnerable to full vault compromise. Apple patched CVE-2026-2700, a zero-day exploited in targeted attacks. Google issued an emergency Chrome update for a use-after-free flaw in the CSS engine. A defense contractor manager sold eight zero-day exploit kits to Russia. Microsoft Copilot was found processing confidential emails despite restrictions.