State attacks are no longer episodic. They are continuous, coordinated, and increasingly AI-augmented.
Sara Voss · 9 min read

Threat Level Dashboard, February 2026: 31% of ransomware incidents targeted healthcare; CVE-2026-21509 was exploited within days of disclosure.
Lotus Blossom: The Updater as a Weapon

The most technically sophisticated new threat actor of early 2026 is Lotus Blossom — a Chinese-attributed group that hijacked the legitimate update channels for Notepad++, one of the most widely installed text editors on Windows. When users clicked “check for updates,” they received a signed, apparently authentic payload that was in fact a loader for Lotus Blossom’s tooling.
This is supply-chain exploitation at its most insidious: no phishing link, no suspicious attachment, no user error. Just a trusted software update from a trusted source that happened to have been compromised at the distribution layer.
Separately, the Chinese-nexus group UNC3886, tracked as a distinct cluster from Lotus Blossom, was found to have infiltrated a major Singapore telecommunications provider, establishing persistent access to routing infrastructure. Also linked to Chinese intelligence: GlassWorm, a macOS-targeting campaign that compromised extension packages in the OpenVSX registry used by VS Code-compatible editors.

Lotus Blossom, UNC3886, and GlassWorm all exploit trust relationships — trusted software, trusted networks, trusted registries. Traditional perimeter defenses do not stop this class of attack.

Volt, Flax, Salt: China’s Three-Typhoon Strategy
CISA and the FBI have now formally attributed three distinct and simultaneously active Chinese state threat clusters operating against US and allied infrastructure.
The strategic picture is a coordinated layered attack surface: Salt Typhoon owns communications, Volt Typhoon owns physical infrastructure, Flax Typhoon owns long-term intelligence. These are not independent operations.
Russia’s AI Pivot: Generative Attacks at Scale
Russia’s state-linked threat actors have made a documented shift toward using generative AI to accelerate their offensive operations. The most notable example: AI-assisted campaigns targeting FortiGate firewall deployments, where LLM-generated variants of known exploits are being used to evade signature-based detection.
On the vulnerability side: CVE-2026-21509, a critical privilege-escalation flaw, was being actively exploited by Russian-linked actors within days of its public disclosure, demonstrating weaponisation of patch lag at a speed and consistency not previously observed.
CVE-2026-22769, affecting Dell RecoverPoint backup appliances, has been exploited since at least mid-2024 — meaning organisations running unpatched Dell backup infrastructure have potentially been compromised for over 18 months without detection. EU and Dutch government networks were also hit via Ivanti zero-days in the same reporting period.
New Malware Zoo: GridTide, Dohdoor, PromptSpy
Three newly classified malware families entered active tracking in early 2026.
PromptSpy in particular represents a category shift: as organisations integrate AI into sensitive workflows, the attack surface extends to include AI inference pipelines, not just traditional data stores.
Healthcare Ransomware: The Collapse Risk
February 2026 recorded 82 confirmed ransomware incidents globally. Healthcare accounted for 31% of those — 25+ hospital systems, clinical networks, and patient data repositories hit in a single month.
The pattern is consistent: legacy medical devices running unpatched software, flat internal networks with minimal segmentation, and staff who are trained for patient care — not security hygiene. Ransomware groups know this. Healthcare pays or patients die.
The systemic risk is not that any single hospital goes offline. It is that coordinated attacks against regional healthcare networks — something Volt Typhoon-style pre-positioning could enable — could overwhelm emergency response capacity in ways that are indistinguishable from a natural disaster.
Threat Actor Reference Table
| Threat Actor | Target Sector | Method | Severity |
|---|---|---|---|
| Lotus Blossom | Software users (Windows) | Supply chain / updater hijack | CRITICAL |
| Volt Typhoon | US critical infrastructure | Living-off-the-land pre-positioning | CRITICAL |
| Flax Typhoon | Defence, semiconductors | Long-term espionage, IP theft | HIGH |
| Salt Typhoon | US telecoms carriers | Carrier-level interception | CRITICAL |
| UNC3886 | Telecoms (Asia-Pacific) | Routing infrastructure access | CRITICAL |
| Russia (GRU-linked) | Govt, firewalls, healthcare | AI-augmented CVE exploitation | HIGH |
- Audit all auto-update mechanisms — verify signing certificates and update server integrity
- Patch CVE-2026-21509 and CVE-2026-22769 immediately if Dell RecoverPoint or affected network devices are in scope
- Segment OT/ICS networks; assume GridTide-style lateral movement is possible on flat networks
- Review FortiGate configurations and apply vendor hardening guides — Russian AI campaigns specifically target default configs
- Audit OpenVSX / VS Code extension installs on developer machines (GlassWorm vector)
- Healthcare: implement offline backup validation; test restore procedures quarterly
- Monitor for DNS-over-HTTPS exfiltration (Dohdoor); block unrecognised DoH resolvers at the network layer
- Audit LLM API integrations for prompt interception risk (PromptSpy class attacks)
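As an added illustration of the Dohdoor recommendation above (detect DNS-over-HTTPS to resolvers you have not sanctioned), the following Python flags HTTPS requests that carry DNS per RFC 8484 (the `/dns-query` path, the `dns=` parameter, or the `application/dns-message` media type) to hosts outside an allowlist. This is example code, not from the original article; the proxy log format, the hostnames and the allowlist are constructed for the example.

```python
import re
from dataclasses import dataclass
from typing import Iterable

# Resolvers the organisation sanctions for DoH (constructed; substitute your own).
APPROVED_DOH_HOSTS = {"doh.corp.example"}

# RFC 8484 indicators: the conventional /dns-query path (with or without ?dns=)
# or a request body/response of media type application/dns-message.
DOH_PATH = re.compile(r"^/dns-query(\?|$)")
DOH_MEDIA_TYPE = "application/dns-message"

# Constructed proxy log format: ts src dst:port host method path content_type
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<dst>[\d.]+):(?P<port>\d+) (?P<host>\S+) "
    r"(?P<method>[A-Z]+) (?P<path>\S+) (?P<ctype>\S+)$"
)

@dataclass(frozen=True)
class Alert:
    ts: str
    src: str
    host: str
    reason: str

def looks_like_doh(path: str, ctype: str) -> bool:
    """True if the request shape matches DNS-over-HTTPS."""
    return bool(DOH_PATH.match(path)) or ctype.lower() == DOH_MEDIA_TYPE

def detect_unapproved_doh(lines: Iterable[str], approved=APPROVED_DOH_HOSTS) -> list[Alert]:
    alerts = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # malformed line: skip rather than abort the whole batch
        host = m["host"].lower()
        if not looks_like_doh(m["path"], m["ctype"]) or host in approved:
            continue  # ordinary HTTPS, or DoH to a sanctioned resolver
        reason = "dns-message body" if m["ctype"].lower() == DOH_MEDIA_TYPE else "dns-query path"
        alerts.append(Alert(m["ts"], m["src"], host, f"DoH to unapproved resolver ({reason})"))
    return alerts

# Constructed sample traffic, not real telemetry: one sanctioned DoH request,
# two DoH requests to an unsanctioned host, and two ordinary HTTPS requests.
SAMPLE_LOG = """\
2026-02-03T09:00:01Z 10.0.5.12 203.0.113.10:443 doh.corp.example POST /dns-query application/dns-message
2026-02-03T09:00:02Z 10.0.5.12 198.51.100.7:443 cdn.example.net GET /static/app.js application/javascript
2026-02-03T09:00:03Z 10.0.5.31 192.0.2.44:443 upd.example.org POST /dns-query application/dns-message
2026-02-03T09:00:04Z 10.0.5.31 192.0.2.44:443 upd.example.org GET /dns-query?dns=AAABAAABAAAAAAAA application/octet-stream
2026-02-03T09:00:05Z 10.0.5.31 192.0.2.99:443 api.example.org POST /v1/upload application/octet-stream
"""

if __name__ == "__main__":
    for a in detect_unapproved_doh(SAMPLE_LOG.splitlines()):
        print(f"{a.ts} {a.src} -> {a.host}: {a.reason}")
```

Pair the alert with the network-layer block the recommendation calls for; the detection alone tells you a host is bypassing your resolvers, not why.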
Sara Voss covers cybersecurity every week — no fluff, just actionable intelligence.