Know What&#x27;s Happening in Cybersecurity

Micrologic Partners with Cohesity to Become the Leading Sovereign Cloud Data Protection Solution in Canada

Micrologic, a Canadian sovereign‑cloud provider, has teamed with AI‑driven data‑security firm Cohesity to launch a fully Canadian‑jurisdictional data‑protection platform. The joint solution combines Micrologic’s Canada‑only cloud infrastructure with Cohesity’s backup, disaster‑recovery and isolated recovery environment technology. It promises recovery speeds up to ten times faster and meets the strict compliance needs of regulated industries and government entities. The partnership also leverages Micrologic’s recent qualification for the federal SaaS catalogue, reinforcing its role in Canada’s digital‑sovereignty agenda.

By StorageNewsletter

Internet, Reinvented : Reticulum Networking Bridges Radios, Wi-Fi & Ethernet

Reticulum is an open‑source, decentralized networking protocol that operates without traditional internet infrastructure. It uses cryptographic identity‑based addressing and built‑in encryption to secure traffic across any medium, from LoRa radios to Wi‑Fi and Ethernet. Its hardware‑agnostic design lets users build...

By Geeky Gadgets

DOJ Increasingly Wielding False Claims Act to Target Cybersecurity Misrepresentations | Law.com

The U.S. Department of Justice is intensifying its use of the False Claims Act to pursue cybersecurity misrepresentations, noting a “significant upward trajectory” in such cases. In the past year, the DOJ secured $52 million through nine FCA settlements involving cyber‑related...

By Securities Docket

How Exposed Endpoints Increase Risk Across LLM Infrastructure

Enterprises deploying private Large Language Models are rapidly adding inference APIs, model‑management dashboards, and tool‑calling endpoints. Each new endpoint widens the attack surface, especially when permissions are excessive and credentials remain static. Exposed endpoints let attackers hijack non‑human identities, enabling...

By The Hacker News

By UK Defence Journal – Air

Labour MP Warns UK Exposed to Subsea Cable Threat

Labour MP Graeme Downie warned that the UK is dangerously exposed to disruption of its undersea cable network. He cited the Joint Committee on the National Security Strategy, noting that about 98% of internet traffic travels through these cables, making...

By The Record by Recorded Future

Ukraine Says Cyberattacks on Energy Grid Now Used to Guide Missile Strikes

Russian cyber actors targeting Ukraine’s energy grid have shifted from causing immediate outages to gathering intelligence that guides missile strikes. By mapping facilities, tracking repair crews, and monitoring recovery rates, they provide real‑time data that improves strike accuracy. The number...

By Modern Restaurant Management

Cybersecurity Is the New Food Safety: How Restaurants Can Protect Their Digital Kitchens

Restaurants are evolving into digital ecosystems, relying on cloud POS, loyalty apps, and third‑party delivery platforms. This shift creates a broader attack surface, making cybersecurity as vital as food safety for protecting brand trust. Leaders are adopting defense‑in‑depth strategies, unified...

By The Record by Recorded Future

Ransomware Gangs Advancing Moscow’s Geopolitical Aims, Romanian Cyber Chief Warns

Romanian officials say recent ransomware attacks on the country’s water agency, oil pipeline operator and coal‑based power producer were part of a coordinated Russian hybrid operation. Groups such as Qilin and Gentlemen, which speak Russian, claimed responsibility, linking the attacks...

UK Government-Backed Cyber Security Programme Alumni Raise £47.4m in Follow-On Investment

Innovate UK’s Cyber Security Academic Startup Accelerator (CyberASAP) alumni have attracted £47.4 million in post‑programme funding over the past nine years, with private capital accounting for 68% of that amount. The accelerator, funded by the Department for Science, Innovation and Technology,...

By IT Security Guru

The EBA Publishes Follow-Up Report on ICT Risk Assessment Under the Supervisory Review and Evaluation Process

The European Banking Authority released a follow‑up to its 2022 peer‑review on ICT risk assessment under the Supervisory Review and Evaluation Process (SREP). The report finds that competent authorities have markedly strengthened ICT risk supervision, largely due to the Digital...

By EBA – News

Attackers Exploit Ivanti EPMM Zero-Days to Seize Control of MDM Servers

Attackers are actively exploiting two critical Ivanti Endpoint Manager Mobile (EPMM) zero‑days (CVE‑2026‑1281 and CVE‑2026‑1340) that allow unauthenticated remote code execution. More than 4,400 EPMM instances are exposed on the public internet, giving threat actors full control of enterprise mobile...

By CSO Online – Security

EscalaX Reinforces Its Privacy & Compliance With BidSafe One

EscalaX announced a strategic partnership with privacy‑focused consultancy BidSafe One to strengthen its data‑protection and regulatory compliance posture. The collaboration will help EscalaX optimise consent management and align its operations with GDPR, CCPA/CPRA, IAB TCF and GPP standards. By integrating...

By ExchangeWire

Simbian Launches Autonomous AI Pentest Agent

Simbian unveiled its AI Pentest Agent, the first autonomous penetration‑testing solution that embeds business context to prioritize real‑world risk. Developed with LRQA, the agent delivers on‑demand assessments in hours, replacing periodic manual tests and providing transparent reasoning traces. It operates...

By AI-TechPark

Humanity Unveils Proof of Trust to Tackle AI Fraud

Humanity, a startup building an internet trust layer, announced a shift from its Proof of Humanity model to a broader Proof of Trust framework. The new system lets users verify attributes such as age, residency, and employment without exposing raw...

By AI-TechPark

Google Bans Antigravity Users over OpenClaw Activity, Cites Surge in ‘Malicious Usage’

Google has disabled several Antigravity accounts, including paid Gemini Ultra subscribers, after detecting a sharp rise in malicious activity tied to the open‑source AI agent OpenClaw. The bans target only the Antigravity backend, leaving Gmail, Workspace and other Google services...

By Indian Express AI

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

Iranian APT group MuddyWater has launched Operation Olalampo, targeting organizations across the Middle East and North Africa. The campaign, first seen on Jan 26, 2026, deploys new malware families—GhostFetch, HTTP_VIP, the Rust backdoor CHAR, and the GhostBackDoor implant—delivered via macro‑laden Office...

By The Hacker News

Noted North Carolina Private Radiology Practice Experiences Data Breach

Triad Radiology Associates, a 50‑year‑old North Carolina imaging practice, disclosed a data breach affecting roughly 11,000 patients. The intrusion, detected in February, likely occurred between late July and September and exposed names, addresses, Social Security numbers and bank account details....

By Radiology Business

The Hidden Security Cost of Treating Labs Like Data Centers

In a Help Net Security interview, Rich Kellen, VP‑CISO of IFF, warns that treating operational technology (OT) labs like conventional IT data centers creates hidden security risks that can corrupt scientific results and endanger safety. He explains that OT environments...

By Help Net Security

Don’t Overlook Low-Tech Crime in Healthcare

Healthcare organizations focus on high‑tech defenses, yet physical and procedural gaps remain a major source of breaches. Low‑tech incidents such as tailgating, unattended devices, and badge sharing contributed to over 51 million compromised records in 2022. The article outlines practical controls—including...

By Journal of mHealth

By The Negotiator – Technology (UK)

WARNING: Manual ID Checks Leave Agents ‘Vulnerable to Scams’

Property agents are being warned that manual identity checks expose them to sophisticated scams. SmartSearch reports that 54% of verification checks remain manual, leaving gaps for AI‑generated IDs and deepfake documents. A recent survey of 1,000 decision‑makers shows fraud incidents...

By Security Magazine (Cybersecurity)

Human-Related Security Risks Rose 90% in 2025

A KnowBe4 report reveals human‑related security incidents surged 90% in 2025, driven largely by social‑engineering attacks and employee error. Email‑based threats grew 57%, with 64% of organizations hit by external attacks exploiting staff inboxes. Human mistakes affected 90% of firms,...

By Security Magazine (Cybersecurity)

41% of Organizations Have Hired a Fake Candidate

A GetReal Security survey reveals that 41 % of IT, cybersecurity, risk and fraud leaders admit their firms have hired and onboarded a fraudulent candidate, underscoring AI‑driven identity attacks’ real‑world impact. The same study shows 88 % of organizations encounter deep‑fake or...

Podcast•Feb 23, 2026•6 min

SANS Stormcast Monday, February 23rd, 2026: Japanese Phishing; AI Agents Ignoring Instructions; Starkiller MFA Phishing

In this episode, Johannes Ulrich highlights three emerging threats: Japanese-language phishing campaigns that bypass English‑centric defenses, AI agents that ignore security guardrails and inadvertently expose data or make unauthorized changes, and the Starkiller phishing framework which proxies real login pages...

By SANS Internet StormCast

Vitalik Buterin Floats Simulated Transactions to Enhance Crypto Security

Ethereum co‑founder Vitalik Buterin proposed using transaction simulations to boost wallet and smart‑contract security. He argues that showing users a preview of on‑chain consequences lets them confirm intent before execution. The approach pairs simulations with spending limits and multisig approvals...

By Cointelegraph

Regtech HYPR Introduces Context-Based Attestation, Enhancing Identity Verification Beyond Traditional Checks

HYPR has launched a context‑based attestation framework to strengthen identity verification across hiring, onboarding, and account recovery. The method layers traditional document, location, and biometric checks with internal role data, workflow cues, calendar events, and peer validations. By continuously cross‑referencing...

By Crowdfund Insider

AI & Data Security: Insights From IBM’s Chief Architect

IBM’s Chief Architect Devan Shah outlines how the company’s OnePipeline platform now supports over 450 developers by shifting from Travis CI to Tekton and Argo CD, trading longer build times for automated security scans. He details the internal AI coding assistant...

By Harness – Blog

North Korea’s Crypto Theft Machine Shows No Signs of Slowing After ByBit Hack : Analysis

Elliptic reports North Korea stole a record $2 billion in cryptocurrency in 2025, pushing its total illicit haul past $6 billion and financing the regime’s weapons programs. The ByBit breach, which yielded $1.46 billion, saw more than $1 billion laundered within six months via...

By Crowdfund Insider

What Can’t You Say on TikTok?

In this episode, host David Ruiz talks with Malwarebytes senior social media manager Zach Hinkle and content creator MinJi Pae about the sudden technical glitches on TikTok after its ownership transferred to American stewards, which many users interpreted as censorship of...

Mississippi Healthcare System Shuts Down Clinics After Ransomware Attack

The University of Mississippi Medical Center (UMMC) suffered a ransomware attack on February 19 that crippled its Epic EHR, IT network, and phone systems, forcing the shutdown of nearly 30 clinics and a shift to paper‑based documentation. Vice Chancellor LouAnn...

Social•Feb 22, 2026

AI Security Tool Triggers Sharp Drop in US Cyber Stocks

‼️US Cybersecurity stocks are getting CRUSHED by AI fears: CrowdStrike fell -8.0% on Friday, Cloudflare -8.1%, Okta -9.2%, and SailPoint -9.4% after Anthropic unveiled a new Claude AI security tool that scans codebases for vulnerabilities and suggests patches. The Cybersecurity ETF, $BUG,...

By Global Markets Investor (newsletter author)

Cache Deception Flaw in SvelteKit And Vercel Stack Exposes User Data

A cache‑deception flaw was found in SvelteKit applications deployed on Vercel, where the `__pathname` query parameter can override request paths and cause private API responses to be cached as public assets. The vulnerability affects any route under `/_app/immutable/`, which Vercel...

By GBHackers On Security

NDSS 2025 – The Midas Touch: Triggering The Capability Of LLMs For RM-API Misuse Detection

The episode presents ChatDetector, a novel LLM‑empowered system for detecting misuse of resource‑management APIs (RM‑APIs) in open‑source software. By leveraging a ReAct‑inspired chain‑of‑thought prompting framework and cross‑validation techniques, ChatDetector overcomes LLM hallucinations to accurately extract allocation/release API pairs and constraints,...

Top NATO Allies Believe Cyberattacks on Hospitals Are an Act of War. They’re Still Struggling to Fight Back.

A new POLITICO poll reveals that citizens in the United States, Canada and other key NATO allies overwhelmingly consider cyberattacks on hospitals to be acts of war. Despite this public sentiment, NATO’s official response remains measured, emphasizing diplomatic channels and...

Blog•Feb 22, 2026

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 85

The Security Affairs Malware Newsletter Round 85 aggregates the latest research and incident reports on global malware threats. Highlights include new Android threats like Ninja Browser, Lumma Infostealer, PromptSpy and Phantom Trojans, a surge in ATM jackpotting across the U.S., and...

By Security Affairs

The Hospitality Sector Continues to Be Lucrative Targets

The hospitality sector faced three data breaches this week. Choice Hotels International disclosed a social‑engineering attack that accessed franchisee and applicant records, including names and Social Security numbers, despite multi‑factor authentication. Wynn Resorts is alleged to have had 800,000 employee...

Hackers Hide Pulsar RAT Inside PNG Images in New NPM Supply Chain Attack

Security researchers at Veracode uncovered a malicious NPM package named buildrunner-dev that exploits a typosquatting trick to mimic the legitimate buildrunner tool. The package drops a massive batch script that conceals its true commands among random text and then downloads...

By HackRead

Is Your Travel Data Safe with Agentic AI

Agentic AI is rapidly entering the travel sector, automating itinerary management and personalizing experiences. However, its ability to process massive volumes of sensitive travel data introduces new security vulnerabilities. Experts stress encryption, strict access controls, continuous behavior monitoring, and compliance...

Social•Feb 21, 2026

Secure AI: Blend Deterministic Controls with Trustworthy Insights

How can a company like @TIBCO win in the age of AI? Was just reading about their current market strategy and risk. I was involved with a TIBCO project while implementing a tax solution at a Fortune 1000 company. Focus...

By Teri Radichel

Figure Technology Faces Major Data Breach Impacting Nearly One Million Customers

Figure Technology Solutions, the largest non‑bank home‑equity lender, disclosed a data breach affecting roughly 967,000 customer accounts. The breach resulted from a social‑engineering (vishing) attack on a single employee, allowing the ShinyHunters group to exfiltrate personal identifiers such as names,...

By Crowdfund Insider

Social•Feb 21, 2026

HTTPS Is Non‑optional: Encrypt Everything by Default

Most people see the 🔒 in the browser, but few think about the engineering behind it. Here’s the real difference: HTTP (Port 80) The postcard Data travels as plain text Anyone on the same network can read credentials or session tokens Okay for local testing. Dangerous in...

By Megha Bhardwaj

Social•Feb 21, 2026

Speed Is Defender’s Ultimate Weapon Against AI Threats

Things Are Getting Wild: Re-Tool Everything for Speed The compounding set of changes we are experiencing in cybersecurity is deeply concerning. But this is a transition point. We should be short term pessimistic about the risks we face. At the same...

By Phil Venables

Predator Spyware Hooks iOS SpringBoard to Hide Mic, Camera Activity

Intellexa’s Predator spyware can silently record iPhone camera and microphone feeds by hijacking iOS 14’s SpringBoard UI layer. Using a kernel‑level hook called HiddenDot::setupHook, the malware nullifies the SBSensorActivityDataProvider, preventing the green and orange privacy dots from ever lighting up. Jamf’s...

By BleepingComputer

Blog•Feb 21, 2026

Things Are Getting Wild: Re-Tool Everything for Speed

The author warns that AI is reshaping cybersecurity, creating a tidal wave of new software‑generated vulnerabilities while simultaneously giving attackers tools to industrialize exploits. Simultaneously, AI‑generated content erodes trust, making authenticity a critical challenge. Enterprises must build a robust agentic...

By Phil Venables’ Blog

NDSS 2025 -DUMPLING: Fine-Grained Differential JavaScript Engine Fuzzing

Researchers at EPFL and KIT introduced DUMPLING, a fine‑grained differential fuzzer that instruments JavaScript engines rather than the input code. By extracting detailed execution state dumps from both interpreted and JIT‑compiled paths, DUMPLING can spot subtle divergences that traditional fuzzers...

Social•Feb 21, 2026

Smart Glasses: Emerging Privacy Threat?

Smart glasses and covert filming. Are they a real privacy concern? https://t.co/TehOK0XVKI via @YouTube #smartglasses #glass #AR #privacy #CyberSecurity #CyberSec @sonu_monika @enilev @Jagersbergknut @TysonLester @chidambara09 @labordeolivier @BetaMoroney @tlloydjones @Nicochan33 @jeancayeux @RLDI_Lamy @pierrepinna @pierrecappelli @pchamard @JeromeMONANGE @thierry_pires @MaiaGabunia @amalmerzouk @NewsNeus @mary_gambara @PawlowskiMario...

By Amitav Bhattacharjee

Social•Feb 21, 2026

Oracle Hack Triggers $1M Payout; Vitalik Profits $70K

The Polymarket oracle issue highlighted by Vitalik Buterin Oracle disaster: Russia-Ukraine market bet on city control. Oracle = ISW's X account maps. Account got hacked, fake map showed Russian control of train station, triggered $1.3M in payouts at 33,000% returns. One...

By Efi Pylarinou

Amazon: AI-Assisted Hacker Breached 600 Fortinet Firewalls in 5 Weeks

Amazon’s Integrated Security team warned that a Russian‑speaking threat actor leveraged generative AI services to automate a campaign that compromised more than 600 FortiGate firewalls in 55 countries between Jan 11 and Feb 18, 2026. The attackers scanned for internet‑exposed management ports,...

By BleepingComputer

Social•Feb 21, 2026

AI Polymorphic Threats Prompt Rethink of Cybersecurity

AI Polymorphic Threats Are Forcing A Rethink Of Cybersecurity by @ChuckDBrooks https://t.co/bLFH7errME #cybersecurity #ai #tech @Forbes

By Chuck Brooks

This Is How You Do It: Dentist Speaks Out After Practice Hit by Cyber Attack

Grange Dental Care in Northern Ireland suffered a cyber attack on Thursday morning, resulting in fraudulent invoice emails being sent from its system. The breach was identified at 9:50 am, and the dentist immediately alerted his IT provider, who halted the...

Discord’s Age Verification Data Has a Frontend Leak — Now What?

Discord’s new age‑verification system, powered by identity vendor Persona, has a critical frontend exposure. Security researchers discovered that verification components are reachable on the public web, potentially revealing users’ age‑related data. The flaw adds urgency to Discord’s 2026 compliance roadmap,...