We are pleased to announce that our latest Trellix Endpoint Detection and Response with Forensics (EDRF) Cloud threat detection update for February 2026 is now available.
This cumulative report summarizes the detection content released throughout January 2026, adding 101 new detections to your defense stack.
Key threat coverage
- Botnets and rootkits: New protections against the Kaiji DDoS botnet targeting IoT/Linux and the r77-rootkit
- Credential theft: Enhanced detection for VVS Stealer, which targets social platforms and web browsers
- Targeted campaigns: New logic to identify the Water Sod Campaign targeting financial institutions and fintech
These updates are fully compatible with all EDR and EDRF client versions. There is no action required.
For more details and a complete list of the changes, see the release details in the Knowledge Base article Trellix EDRF Cloud threat detection updates – February 2026.
Note: To receive information about product updates, sign up for the Support Notification Service.
For instructions, see the Thrive Portal User Guide and navigate to Profile and Settings > My Settings > Manage Support Notification Services (SNS) subscription preferences.