Daily Security Briefing #166

February 15, 2026 | Read Online

Search ad phishing, Evolving Android malware, ClickFix attacks, DNS vulnerabilities and SQL beautifiers…

Executive Summary

Cybersecurity threats continue to evolve with new tactics being employed by attackers. Microsoft has resolved a Windows 11 bug causing boot failures after updates, while CTM360 reports a large-scale campaign using Google Groups for Lumma Stealer malware distribution. Meanwhile, Microsoft disclosed details of a DNS-based ClickFix attack and threat actors are pushing new ClickFix-style attacks through Pastebin comments to hijack cryptocurrency transactions.

Top Articles

Windows 11 KB5077181 fixes boot failures linked to failed updates

Microsoft has resolved a Windows 11 bug that caused some commercial systems to fail to boot with an “UNMOUNTABLE_BOOT_VOLUME” error after installing recent security updates. The fix was delivered in the February 2026 Patch Tuesday update. BleepingComputer | BleepingComputer

Lumma Stealer and Ninja Browser malware campaign abusing Google Groups

CTM360 reports 4,000+ malicious Google Groups and 3,500+ Google-hosted URLs used to spread the Lumma Stealer infostealing malware and a trojanized “Ninja Browser.” The report details how attackers abuse trusted Google services to steal credentials and maintain persistence across Windows and Linux systems. BleepingComputer | BleepingComputer

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which attackers trick unsuspecting users into running commands that carry out a Domain Name System (DNS) lookup to retrieve the next-stage payload. Specifically, the attack relies on using the “nslookup” command to execute a custom DNS lookup triggered via the Windows. The Hacker News | The Hacker News

Best SQL Beautifier Online in 2026

Most SQL problems don’t start with bad logic; they start with SQL that’s hard to read, which is why SQL beautifiers are now critical. As queries evolve through repeated edits, quick fixes, and handoffs between people, structure gradually erodes. CyberPress | CyberPress

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to hijack Bitcoin swap transactions and redirect funds to attacker-controlled wallets. BleepingComputer | BleepingComputer

Let me know if I can help you with anything else.

AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.