Feb 16 2026 Last Week in Security (LWiS) - 2026-02-16

News

• New Android Theft Protection Feature Updates: Smarter, Stronger - New improvements to anti-theft including detecting if a phone has been grabbed while unlocked as part of a "snatch-and-run." I've witnessed two "roadmen" on ebikes snatch a phone from someone's hands on the sidewalk in London. It's gotten so bad there is a Mind the Grab campaign on the sidewalks.
• Senate Bill S9005 - The US state of New York is considering requiring every 3D printer sold in the state to be "capable of ensuring a three-dimensional printer will not proceed to print any print job unless the underlying three-dimensional printing file has been evaluated by a firearms blueprint detection algorithm and determined not to be a printing file that would produce a firearm or illegal firearm parts." Besides the impossibility of a "firearms blueprint detection algorithm," when did legislating the tool become the solution? Is New York also going to do the same for lathes, table saws, or injection molds?
• About the security content of iOS 26.3 and iPadOS 26.3 - dyld is the one to read: "Impact: An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report." Reported by Google's Threat Analysis Group (TAG); sounds like they found a whole exploit chain in the wild. Great work TAG! Update those iPhones and Macs.
• Cyber Model Arena - A new benchmark with deterministic scoring (vs LLM-as-a-judge).
• The Israeli Spyware Firm That Accidentally Just Exposed Itself - Massive OPSEC fail from the Paragon Solutions general counsel, who uploaded a photo of herself standing in front of a live spyware control panel that shows a target phone number from Czechia.
• Notepad's new Markdown powers served with a side of remote code execution - This one got a lot of hype but it does require a user to click a link inside a document. UNC paths also apparently work 🤦‍♂️.
• Ring and Flock Cancel Partnership - "We determined the planned Flock Safety integration would require significantly more time and resources than anticipated." Or the backlash from the public actually worked to change course here?

Techniques and Write-ups

• Trust Me, I’m a Shortcut - LNKs are much more than simple links, they contain all kinds of information. When you stop following the specification and provide partial fields, or two fields of the same type Windows Explorer will often show different information than what the LNK will execute. Microsoft only considered one variant a CVE worthy, they all have security implications.
• Scary Agent Skills: Hidden Unicode Instructions in Skills ...And How To Catch Them - AI agents/CLIs feel like the wild west. Hiding commands with ASCII Smuggler in SKILLS.md files can execute when the skill is used.
• AMD uProf Exploitation - Part One The AMD driver AMDPowerProfiler.sys has a file write vulnerability that can be used for local privilege escalation.
• ElephantPoint is a C# module that will use SharePoint token to search and download files. Read more: Introducing ElephantPoint.
• How LLMs Feed Your RE Habit: Following the Use-After-Free Trail in CLFS - Some practical use of local LLMs (rare to see) reversing a use after free. If you can overlook the constant "this isn't X. It's Y" throughout the post it's got some good pyghidra-mcp use examples. One must assume the big exploit shops have automated RE churning on every update for target software.
• Pwning Supercomputers - A 20yo vulnerability in Munge - Going from AFL++ fuzz to exploit in one of the authentication brokers commonly used in clustered high performance computer environments.
• Capture the Kerberos Flag: Detecting Kerberos Anomalies - Always good for red teams to check their tradecraft against what looks normal in an environment.
• Hacking a pharmacy to get free prescription drugs and more - Blind POST requests eventually create a super admin account. Wild what is out there when you start looking closely and carefully crafting requests.

Tools and Exploits

• PhantomSec | Advanced Offensive Capabilities Automated - EvadeX Sponsored - EvadeX is an evasion-as-a-service platform for red teams and pentesters who want modern, continuously-updated evasive tradecraft without turning every engagement into an R&D project. Generate highly customizable, low-signature payloads through a simple web workflow so you can tune to the target and stay focused on the engagement. Trusted by teams from small consultancies to the Fortune 10. Get callbacks past EDR today!

• lnk-it-up - Project for generating and identifying deceptive LNK files.
• aid - A tool for detecting invisible Unicode characters in files, designed to identify potential ASCII smuggling attempts, hidden data encoding, and suspicious Unicode usage patterns.
• AMD_uProf - Exploit code for CVE-2025-61969, incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
• sandboxec - A lightweight command sandbox for Linux, secure-by-default, built on Landlock.
• PassLLM - World's most accurate password guessing AI tool. A PyTorch implementation of PassLLM (USENIX 2025) that leverages PII and LoRA fine-tuning to outperform existing tools by over 45% on consumer hardware.
• aznet - The standard Go net.Conn interface using Azure Storage services as the transport layer.
• reflektor is a Go library and CLI for loading shared libraries from bytes and invoking exported functions.
• Adaptix-StealthPalace - Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration.
• CobaltStrike-Linux-Beacon - Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons.

New to Me and Miscellaneous

This section is for news, techniques, write-ups, tools, and off-topic items that weren't released last week but are new to me. Perhaps you missed them too!

• labca - A private Certificate Authority for internal (lab) use, based on the open source ACME Automated Certificate Management Environment implementation from Let's Encrypt (tm).
• BusterCall - "Bypassing" HVCI via donor PFN swaps to modify read-only code pages. Call chained kernel functions (kCET and SLAT support), modify read-only code pages, and more.
• nova-proximity - Nova-Proximity is a MCP and Agent Skills security scanner powered with NOVA.
• cua-kit - Tools for attacking Computer Use Agents.
• [X] Something Big Is Happening - Are we in the February 2020 before COVID stage of AI where a few vocal outcasts claiming massive change is coming while the world generally ignores them? With the last batch of models I am starting to believe the outcasts more and more.
• breachpool - Predict the next ransomware target based on wisdom of the crowd.

Techniques, tools, and exploits linked in this post are not reviewed for quality or safety. Do your own research and testing.