{"id":214173,"date":"2026-02-16T07:55:00","date_gmt":"2026-02-16T12:55:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/16\/outlook-add-ins-hijack-0-day-patches-wormable-botnet-ai-malware\/"},"modified":"2026-02-16T14:10:08","modified_gmt":"2026-02-16T19:10:08","slug":"outlook-add-ins-hijack-0-day-patches-wormable-botnet-ai-malware","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/16\/outlook-add-ins-hijack-0-day-patches-wormable-botnet-ai-malware\/","title":{"rendered":"Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet &#038; AI Malware"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/02\/weekly-recap-outlook-add-ins-hijack-0.html\">Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet &#038; AI Malware<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/02\/weekly-recap-outlook-add-ins-hijack-0.html\">https:\/\/thehackernews.com\/2026\/02\/weekly-recap-outlook-add-ins-hijack-0.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-16 07:55:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p><span class=\"p-author\">\ue804<span class=\"author\">Ravie Lakshmanan<\/span>\ue802<span class=\"author\">Feb 16, 2026<\/span><\/span><\/p>\n<p>This week\u2019s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question.<\/p>\n<p>Another signal: attackers are mixing old and new methods. Legacy botnet tactics, modern cloud abuse, AI assistance, and supply-chain exposure are being used side by side, whichever path gives the easiest foothold.<\/p>\n<p>Below is the full weekly recap \u2014 a condensed scan of the incidents, flaws, and campaigns shaping the threat landscape right now.<\/p>\n<h2 style=\"text-align: left;\"><strong>\u26a1 Threat of the Week<\/strong><\/h2>\n<p><strong>Malicious Outlook Add-in Turns Into Phishing Kit <\/strong>\u2014 In an unusual case of a supply chain attack, the legitimate AgreeTo add-in for Outlook has been hijacked and turned into a phishing kit that stole more than 4,000 Microsoft account credentials. This was made possible by seizing control of a domain associated with the now-abandoned project to serve a fake Microsoft login page. The incident demonstrates how overlooked and abandoned assets turn into attack vectors. &#8220;What makes Office add-ins particularly concerning is the combination of factors: they run inside Outlook, where users handle their most sensitive communications, they can request permissions to read and modify emails, and they&#8217;re distributed through Microsoft&#8217;s own store, which carries implicit trust,&#8221; Koi Security&#8217;s Idan Dardikman said. Microsoft has since removed the add-in from its store.\u00a0<\/p>\n<h2 style=\"text-align: left;\"><strong>\ud83d\udd14 Top News<\/strong><\/h2>\n<ul>\n<li><strong>Google Releases Fixes for Actively Exploited Chrome 0-Day <\/strong>\u2014 Google shipped security updates for its Chrome browser to address a flaw that it said has been exploited in the wild. The high-severity vulnerability, tracked as CVE-2026-2441 (CVSS score: 8.8), has been described as a use-after-free bug in CSS that could result in arbitrary code execution. Google did not disclose any details about how the vulnerability is being exploited in the wild, by whom, or who may have been targeted,&#8230;<\/li>\n<\/ul>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/02\/weekly-recap-outlook-add-ins-hijack-0.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet &#038; AI Malware https:\/\/thehackernews.com\/2026\/02\/weekly-recap-outlook-add-ins-hijack-0.html Publish Date: 2026-02-16 07:55:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":214174,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhkMGhmz-GyqlBgWLqr4q8O_WMowIYyItP0DG0jxeAvGw8ob_fAPWwSoQoKHbsFYCruaXH8xJss4OechIdlkf7MKf0ohaTnqUacvNTJqG727FIWeBYnN6vTiIJuzYwbyzA-OhIBl0nCZPXfgQbbfWgoydzQvT1DSB9FAe1vMOKy5N2p82kP7tmcKbEcxik2\/s1600\/recap-fb-main.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,32,25,27],"class_list":["post-214173","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-malware","tag-phishing","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/214173"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=214173"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/214173\/revisions"}],"predecessor-version":[{"id":214175,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/214173\/revisions\/214175"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/214174"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=214173"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=214173"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=214173"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}