BARR Advisory Senior Consultant Kevin Lewis has picked out five security and compliance headlines from the past month that you need to know. Take a look to find out what our consulting team has been reading this February—plus, scroll to see Kevin’s CISO Pick of the Month to find out where the BARR team is headed this month.
Apple has issued an emergency update, iOS 26.3, to fix nearly 40 security flaws. The most serious is a “zero-day” vulnerability in the system that manages how apps run, which acts as a “doorman” for your iPhone. This flaw could allow sophisticated attackers to bypass security checks, take complete control of a device, and install stealthy spyware. Because this issue may already be in use against specific targets, all users are urged to update their devices immediately to protect their private information.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new directive requiring federal agencies to eliminate end-of-support (EOS) edge devices from their networks. These unsupported devices—including firewalls, routers, and VPN gateways—are prime targets for advanced threat actors because they no longer receive critical security patches. Federal agencies must inventory these assets within 90 days and fully decommission all EOS edge devices over the next 18 to 24 months. While the order specifically applies to federal networks, CISA strongly encourages private organizations to adopt similar lifecycle management practices to reduce their own attack surfaces.
Microsoft’s attempt to modernize the classic Notepad app has introduced a high-severity remote code execution vulnerability, tracked as CVE-2026-20841. The flaw resides in the app’s new Markdown handler, which fails to validate links and allows attackers to run commands with full user permissions if a malicious .md file is opened. While user interaction is required to trigger the exploit, the public availability of proof-of-concept code makes this a significant risk for Windows 10 and 11 users. Organizations should ensure the Microsoft Store version of Notepad is updated to version 11.2510 or later immediately to close this unnecessary attack surface.
A critical denial-of-service vulnerability in Palo Alto Networks’ PAN-OS could allow unauthenticated attackers to force firewalls into an endless reboot cycle. Exploiting the Advanced DNS Security (ADNS) feature, a single maliciously crafted packet can trigger a system crash that eventually pushes the device into maintenance mode. While there is no known exploitation in the wild yet, admins should prioritize upgrading to a patched version immediately.
Notepad++ has fallen victim to a sophisticated supply chain compromise that researchers have linked to a Chinese state-sponsored group. Between June and December 2025, attackers hijacked the trusted WinGUP update infrastructure to distribute trojanized installers to a selective group of targets. Security teams should immediately update any instances of versions 8.8.2 through 8.8.9 to the patched 8.9.1 release and monitor for unauthorized binaries spawning from update processes.
Connect with BARR at ViVE in Los Angeles
Members of the BARR Advisory team will be in Los Angeles later this month for ViVE, the premier event for digital healthcare and healthcare technology. Will we see you there? 👀
Book time to connect with us now ➡️
Want to get these insights straight to your inbox? Subscribe to Take5, our monthly newsletter featuring top security and compliance headlines, events, and resources—brought to you by CISOs from BARR’s cybersecurity consulting team.