Firewall & browser risks spiking
FortiGate firewall breaches are now spreading across customer networks, Chrome flaws risk silent browser takeovers for millions, and federal teams are actively evicting hidden attackers from Cisco routers — backups and fake VPNs are emerging as follow‑on threats. AI is being touted to spot intrusions in real time by analyzing massive telemetry and predicting vulnerable paths — but experts say it should augment, not replace, human defenders.
SentinelOne reported that multiple attacks from December 2025–February 2026 exploited FortiGate NGFW flaws to export configuration backups and steal embedded service‑account credentials. (thehackernews.com)

Amazon Threat Intelligence observed a Russian‑speaking actor using commercial generative AI to compromise more than 600 FortiGate appliances across 55 countries between January 11 and February 18, 2026. (proarch.com)

SentinelOne noted that FortiGate configuration files use reversible encryption, enabling attackers to decrypt LDAP/service account data and authenticate to Active Directory during observed intrusions. (securityaffairs.com)

Microsoft’s threat team documented Storm‑2561 using SEO‑poisoning since mid‑January 2026 to distribute fake Ivanti/Cisco/Fortinet VPN installers that harvest VPN credentials, a tactic also reported by BleepingComputer. (bleepingcomputer.com)

Google patched an actively exploited Chrome zero‑day tracked as CVE‑2026‑2441 in emergency updates released Feb 13–16, 2026 (Chrome 145.0.7632.75/76 and 144.0.7559.75), with a CVSS score of 8.8 and warnings that roughly 3.5 billion users were at risk if unpatched. (securityweek.com)

CISA issued Emergency Directive 25‑03 on Sept 25, 2025 ordering federal agencies to locate, patch, and remediate Cisco ASA/Adaptive Security Appliance compromises after reports that attackers achieved persistence—sometimes via ROM‑modifying techniques—across government networks. (techradar.com)

Vendors such as Trend Micro and Arctic Wolf offer telemetry‑driven AI tools and attack‑path prediction to analyze large event streams (Arctic Wolf says it processes roughly 7 trillion security observations weekly across 10,000+ customers). A Red Canary‑linked survey found about 75% of security leaders report staffing shortages, underpinning expert advice to use AI to augment human defenders rather than replace them. (arcticwolf.com)