Threat Landscape Briefing – February 2026

In this month’s briefing we explore:

• GhostPoster Malicious Browser Extensions – By Carlos Rivera (01:27)
  • Researchers at Koi Security released an analysis of a malicious Firefox extension called GhostPoster, which uses steganography to hide its payload inside a PNG icon file.
  • See Info-Tech’s research on Threat Preparedness Using MITRE ATT&CK®.
• Exfiltration Through Gemini Prompt Injection – By Seva Ioussoufovitch (09:50)
  • Miggo, an application detection & response vendor, explored a vulnerability in Google Calendar which enabled the unauthorized creation of events and exfiltration of private calendar data through Google’s AI assistant, Gemini.
  • Explore Info-Tech’s guidance on how to Develop a Strategic Plan for Intelligent Application Security.
• European Commission Pushes for Stronger Oversight of High-Risk Technology Suppliers – By Jon Nelson (21:19)
  • The European Commission has unveiled a proposal to tighten cybersecurity oversight over technology suppliers deemed “high-risk” to the EU’s security and critical infrastructure.
  • Learn how Info-Tech can help you Build a Vendor Security Assessment Service.

If you have a question or would like to receive these monthly briefings via email, submit a request here.