News•Feb 20, 2026
AI Apps On The Google Play Store Are Leaking Customer Data And Photos
AdGuard is offering its Family Plan as a lifetime subscription for $15.97 through February 22, covering up to nine devices. The deal bundles enterprise‑grade ad blocking, tracker suppression, malware and phishing protection, and built‑in parental controls. Users receive continuous updates without recurring fees, replacing the typical monthly or annual pricing model. This promotion positions AdGuard as a cost‑effective, all‑in‑one privacy solution for households.
By Mashable AI
News•Feb 20, 2026
HID Reports Delicate Opportunity for Biometrics Adoption in Shaky Trust Environment
HID’s 2026 State of Security and Identity Report, based on a survey of over 1,500 security and IT leaders, shows digital identity management is a top priority for 73% of respondents. Three‑quarters of organizations have already deployed or are evaluating...
By Biometric Update
News•Feb 20, 2026
Romanian Hacker Faces up to 7 Years for Breaching Oregon Emergency Management Department
A 45‑year‑old Romanian national, Catalin Dragomir, pleaded guilty to breaching Oregon’s Department of Emergency Management in June 2021 and selling the compromised access for roughly $3,000 in Bitcoin. The hacker also infiltrated ten additional U.S. companies, generating at least $250,000...
By DataBreaches.net
News•Feb 20, 2026
Media Authentication an Emerging Front in Battle Against Deepfakes: Microsoft Report
Microsoft released a report on media integrity and authentication (MIA), detailing techniques such as C2PA provenance, imperceptible watermarking, and soft‑hash fingerprinting to verify digital content origins. The study concludes that no single method can stop deepfakes, urging a layered approach...
By Biometric Update
News•Feb 20, 2026
5 Things To Know On Anthropic’s Claude Code Security
Anthropic announced that its Claude Code platform will now include Claude Code Security, an AI‑driven vulnerability‑scanning feature that reads and reasons about code like a human researcher. The tool, launched in a limited research preview, aims to uncover complex issues...
By CRN (US)
News•Feb 20, 2026
Apache Tomcat Vulnerability Circumvents Access Rules
Apache Tomcat’s CVE‑2026‑24733 vulnerability allows attackers to bypass security constraints that permit HEAD but deny GET requests by sending a malformed HEAD request using the obsolete HTTP/0.9 protocol. The flaw stems from Tomcat’s legacy handling of HTTP/0.9, which does not...
By eSecurity Planet
News•Feb 20, 2026
Des Moines ANGB to Gain ANG Cyber Operations Squadrons
The Department of the Air Force has chosen Des Moines Air National Guard Base in Iowa as the preferred site to convert reassigned manpower into Air National Guard cyber operations. The 2025 defense budget eliminated half of the ANG Tactical...
By U.S. Air Force
News•Feb 20, 2026
Fort Gordon to Gain ANG Cyber Operations Squadrons
The Department of the Air Force has chosen Fort Gordon, Georgia, as the preferred site for two new Air National Guard cyber operations squadrons. The 117th Air Control Squadron will be inactivated at Hunter Army Airfield, releasing manpower that will...
By U.S. Air Force
News•Feb 20, 2026
Fusaka Upgrade Fuels Record Address Poisoning on Ethereum
The recent Fusaka upgrade slashed Ethereum gas fees by sixfold, creating record‑low transaction costs. This price drop sparked a dramatic rise in address‑poisoning attacks, with daily dust transactions jumping from roughly 30,000 to 167,000 and peaking at 510,000. In just...
By The Defiant
News•Feb 20, 2026
Microsoft: ‘Summarize With AI’ Buttons Used To Poison AI Recommendations via @Sejournal, @MattGSouthern
Microsoft’s Defender Security Research team unveiled a new threat called “AI Recommendation Poisoning,” where website buttons labeled “Summarize with AI” embed hidden prompt‑injection instructions. Clicking these buttons feeds AI assistants a URL‑encoded command that tells the model to remember the...
By Search Engine Journal
News•Feb 20, 2026
AI Empowers Cyber Criminals. Could It Also Help Schools Fight Them?
School districts are experimenting with generative and agentic AI to bolster cybersecurity, but results are mixed. While vendor‑built AI features provide more reliable insights than generic models, many districts still rely on traditional tools due to staffing and budget constraints....
By GovTech — Education (K-12)
News•Feb 20, 2026
One Billion Identity Records Exposed in Unsecured ID Verification Database
A cloud‑based identity verification database tied to IDMerit was found exposed without password protection or encryption, leaking roughly one billion personal records across at least 26 countries. The trove, estimated at one terabyte, contained names, dates of birth, addresses, phone...
By Biometric Update
News•Feb 20, 2026
Your Own Voice Could Be Your Biggest Privacy Threat. How Can We Stop AI Technologies Exploiting It?
Researchers at Aalto University warn that AI-driven voice analysis can extract sensitive personal data—from political views to health conditions—simply from speech patterns. Their study, published in IEEE Proceedings, highlights risks such as price‑gouging, discriminatory profiling, and stalking if corporations or...
By Live Science AI
News•Feb 20, 2026
Microsoft: Critical Security Issue Found in Windows Notepad
Microsoft patched a high‑severity vulnerability (CVE‑2026‑20841) in the modern Windows Notepad app that adds Markdown support. The flaw allows remote code execution when a user opens a malicious .md file and clicks a crafted link. The issue affects only the...
By TechRepublic – Articles
News•Feb 20, 2026
Cynet’s MacKenzie Brown: ‘MSPs Don’t Need Drama. They Need Clarity And Process.’
Cynet has hired MacKenzie Brown as Vice President of Threat Intelligence Strategy to turn the vendor’s global telemetry into a practical, operational threat‑intelligence system for managed service providers (MSPs). Brown emphasizes moving beyond generic monthly reports toward actionable, tactical intel...
By CRN (US)
News•Feb 20, 2026
The 25 Most Vulnerable Passwords of 2026
Plasma’s 2026 study identified the 25 most vulnerable passwords based on global search volume and common‑password lists. “password” led the list with over 10 million searches, followed by “admin”, “qwerty”, and other simple sequences. The research also highlighted ten insecure password...
By Security Magazine (Cybersecurity)
News•Feb 20, 2026
NIST’s Quantum Breakthrough: Single Photons Produced on a Chip
NIST announced a chip that reliably generates a single photon on demand using quantum‑dot technology. The device achieves near‑perfect efficiency and, when paired with superconducting nanowire single‑photon detectors, can transmit photons up to 600 miles. Mass‑production of the chip is...
By SecurityWeek
News•Feb 20, 2026
Why the Shift Left Dream Has Become a Nightmare for Security and Developers
The article argues that the long‑standing "shift‑left" mantra has backfired, overloading developers with security tasks while business demands prioritize speed. Qualys analyzed 34,000 public container images and found 7.3% malicious, many containing cryptomining code or exposed secrets. This risk stems...
By BleepingComputer
News•Feb 20, 2026
There’s Always Something: Secrets Detection at Engagement Scale with Titus
Praetorian released Titus, an open‑source secret scanner built in Go that runs as a CLI, library, Burp Suite, or Chrome extension. It inherits Nosey Parker’s 450+ detection rules and adds binary file extraction and a validation framework that confirms whether...
By Security Boulevard – DevOps
News•Feb 20, 2026
Latin America's Cyber Maturity Lags Threat Landscape
Intel 471’s 2025 report shows Latin America’s cyber‑maturity is improving but the region faces a rapidly intensifying threat landscape. Ransomware incidents jumped 78% year‑over‑year, with more than 450 breaches recorded, while Brazil alone accounted for 30% of ransomware and extortion attacks....
By Dark Reading
News•Feb 20, 2026
Liquibase Secure 5.1 Closes Gap in Data Platform Security, Compliance, and AI Readiness
Liquibase announced Secure 5.1, extending its modeled change‑control framework to Snowflake’s control plane. The release treats Snowflake access, sharing, and cost‑control changes as first‑class, auditable objects, enabling policy enforcement, drift detection and automated rollback. Secure 5.1 also adds support for Databricks, MongoDB,...
By Database Trends & Applications (DBTA)
News•Feb 20, 2026
LLMs Change Their Answers Based on Who’s Asking
A MIT Center for Constructive Communication study reveals that leading large language models—GPT‑4, Claude 3 Opus, and Llama 3‑8B—alter answer quality based on perceived user traits. When prompted with biographies suggesting lower education, non‑native English proficiency, or foreign nationality, all three models show...
By Help Net Security
News•Feb 20, 2026
From IT Controls to Engineering Resilience: Rethinking Smart Building Cybersecurity
Smart building operators are importing IT‑centric cybersecurity controls—encryption, authentication, zero‑trust—into legacy automation systems, but these measures can unintentionally disrupt deterministic control loops. A real‑world HVAC example shows a missed certificate renewal causing controllers to stop responding, leaving occupants uncomfortable and...
By Buildings.com
News•Feb 20, 2026
San Jose Slow to Tell Workers About Data Breach
San Jose city officials disclosed that a lost USB drive may have exposed Social Security numbers of current and former employees. The breach occurred on Jan. 9, but the city delayed notifying affected workers, providing no estimate of how many were...
By DataBreaches.net
News•Feb 20, 2026
Loan Applications, Drivers Licences, Personal Data of 440k Aussies Exposed After Hacker Hits Sydney Finance Tech Company youX
Australian fintech platform youX confirmed an unauthorized intrusion that exposed personal data of approximately 440,000 Australians. The stolen information includes loan applications, driver’s licence details and other identifying data. The breach was disclosed following the company’s internal investigation and reported...
By DataBreaches.net
News•Feb 20, 2026
Future-Proofing Virtual Desktops: What IT Leaders Need to Plan for Now
IT leaders are re‑evaluating desktop strategies as demand becomes erratic, security standards tighten, and AI reshapes workloads. Future‑proofing requires elastic provisioning, centralized Zero‑Trust controls, and continuous automation rather than periodic overhauls. The article argues that operational efficiency and flexible platforms...
By CIO.com
News•Feb 20, 2026
PayPal Discloses Data Breach that Exposed User Info for 6 Months
PayPal disclosed a data breach affecting its Working Capital loan application, where personal information—including Social Security numbers—was exposed from July 1 to December 13, 2025. The company identified the issue on December 12, 2025, rolled back the faulty code, and halted unauthorized access within a...
By BleepingComputer
News•Feb 20, 2026
The Modern Desktop Reset: Why UK IT Leaders Are Rethinking End-User Computing
UK IT leaders are abandoning traditional on‑premises desktops and legacy VDI in favor of Desktop‑as‑a‑Service (DaaS) to meet evolving security, cost and hybrid‑work demands. DaaS, especially Microsoft’s Azure Virtual Desktop and Windows 365, offers scalable, cloud‑native environments that align spend with...
By CIO.com
News•Feb 20, 2026
Ready to Move On: How to Evaluate, Select, and Deploy Modern Email Security
The article guides MSPs on replacing legacy security email gateways (SEGs) with modern, API‑native email security platforms that operate inside Microsoft 365 and Google Workspace. It stresses the need for behavioral, AI‑driven detection rather than static signatures, and outlines key vendor...
By Security Boulevard
News•Feb 20, 2026
The Illusion of Choice in Enterprise Desktop Strategy
Enterprises are finding that desktop‑OS choices in 2026 are no longer a tactical IT decision but a forced strategic commitment driven by the Windows 10 end‑of‑support deadline, costly Windows 11 upgrades, and the tax‑like Extended Security Updates (ESU). The pressure to meet...
By TechTarget SearchERP
News•Feb 20, 2026
Dramatic Escalation in Frequency and Power of DDoS Attacks
The Radware 2026 Global Threat Analysis Report reveals a 168% jump in DDoS attacks in 2025 versus 2024, with customers averaging 139 attempted incidents per day. Technology, telecommunications and financial services bore the brunt, the tech sector alone accounting for...
By Infosecurity Magazine
News•Feb 20, 2026
CharlieKirk Grabber Malware Targets Windows Systems to Steal Login Credentials
CharlieKirk Grabber is a new Python‑based Windows infostealer first seen in February 2026. It rapidly harvests credentials from Chromium and Firefox browsers, Wi‑Fi profiles, Discord tokens, and gaming sessions, then packages the data into a ZIP archive for exfiltration via...
By GBHackers On Security
News•Feb 20, 2026
Hackers Breach Contractor Linked to Ukraine’s Central Bank Collectible Coin Store
Ukraine’s National Bank temporarily shut down its online collectible‑coin store after a cyberattack compromised customer registration data. Attackers accessed personal details such as names, phone numbers, email and delivery addresses through a contractor that supports the storefront, but no financial...
By The Record by Recorded Future
News•Feb 20, 2026
Netzilo AI Edge Delivers Enterprise-Grade Visibility, Sandboxing, and Governance for OpenClaw Agents
Netzilo announced the launch of AI Edge, a platform that gives enterprises full visibility, sandboxing, and governance over OpenClaw autonomous agents. The solution captures LLM communications, tool‑call chains, file system activity, and local agent actions, feeding them into a behavioral...
By AiThority
News•Feb 20, 2026
Fincite Secures ISO 27001 Certification
FinCite, a provider of end‑to‑end investment advisory software, has achieved ISO 27001 certification, confirming its information security management system meets global standards. The certification spans the company’s entire operational backbone, including cloud infrastructure, development lifecycles, and client‑facing services such as onboarding...
By Fintech Global
News•Feb 20, 2026
Why Most Breaches Happen After Launch: SaaS Security Testing Best Practices
Most SaaS breaches occur after launch because security efforts often wane while the attack surface expands. Post‑deployment misconfigurations, rapid feature releases, and third‑party integrations introduce new vulnerabilities that go unnoticed without continuous testing. StrongBox IT and similar providers advocate ongoing vulnerability...
By Security Boulevard
News•Feb 20, 2026
Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026
Identity cyber scores are emerging as the primary metric insurers use to underwrite cyber‑insurance policies in 2026. Insurers now scrutinize password hygiene, privileged‑access management and MFA coverage, linking weak identity controls to higher breach likelihood and premium costs. The global...
By The Hacker News
News•Feb 20, 2026
Global Alliance Emphasizes Operational Resilience and Verification Practices in Digital Account Management
Global Alliance announced enhanced operational safeguards for its digital platform, including multi‑factor authentication (MFA) for logins and sensitive actions. The firm now requires verification checkpoints before adding external withdrawal destinations, tightening outbound transaction controls. Real‑time data backups and DDoS mitigation...
By TechBullion
News•Feb 20, 2026
What the Nike Breach Teaches Us About the Microsegmentation Imperative of Integrating with EDR
On January 22, 2026 Nike disclosed that 1.4 terabytes of R&D, supply‑chain and pricing data were posted on the WorldLeaks leak site. The breach, driven by compromised VPN credentials, bypassed traditional endpoint detection and highlighted the rise of value‑chain extortion. WorldLeaks,...
By Security Boulevard
News•Feb 20, 2026
Two Petabytes Worth Data of Israeli’s Siphoned, Says Cyber Head
Israel’s National Cyber Directorate disclosed that roughly two petabytes—equivalent to 100 National Library of Israel archives—have been exfiltrated from citizens and institutions over recent years. The breach scale eclipses prior megabyte‑ and terabyte‑level incidents, marking an unprecedented data loss. Concurrently,...
By The Cyber Express
News•Feb 20, 2026
Discover Network Shows How Sharing Data Can Turn the Tide on Fraud
Fraud is evolving into a fast‑moving, AI‑driven threat across e‑commerce, payments and identity, outpacing traditional, institution‑by‑institution defenses. Discover Network argues that sharing data through a consortium enables real‑time signal aggregation, tokenization and enhanced decisioning to spot patterns no single bank...
By PYMNTS
News•Feb 20, 2026
AI-Empowered Cybersecurity: Key Events and Emerging Trends in 2025
In September 2025 Anthropic disclosed the world’s first autonomous AI‑driven cyberattack, where an AI system executed 80‑90% of the malicious workflow with only a handful of human interventions. The attackers masqueraded as a cybersecurity firm, using Claude Code and the Model...
By Security Boulevard
News•Feb 20, 2026
Apple Updates iPhones After Targeted Attacks
Apple released emergency updates for iOS, iPadOS, and macOS after a previously unknown memory‑corruption flaw in the dyld Dynamic Link Editor (CVE‑2026‑20700) was found being actively exploited. The vulnerability, uncovered by Google’s Threat Analysis Group, was used alongside two earlier...
By Silicon UK
News•Feb 20, 2026
Security Compass Brings Policy-Driven Security and Compliance to Agentic AI Development
Security Compass unveiled SD Elements for Agentic AI Workflow, a platform that embeds policy‑driven security and compliance checks directly into AI‑assisted software development. The solution automatically generates, validates, and records evidence that both human developers and autonomous AI agents adhere to...
By Help Net Security
News•Feb 20, 2026
AI in the SOC: Why Complete Autonomy Is the Wrong Goal
Artificial intelligence is reshaping security operations, but experts argue that a fully autonomous SOC is impractical. Dan Petrillo of BlueVoyant stresses that AI should augment analysts, handling high‑volume tasks like alert triage while humans retain decision‑making authority. Real‑world constraints—noisy data,...
By Security Boulevard
News•Feb 20, 2026
Krikey AI Achieves SOC2 Compliance, Strengthening Security Assurance for Its Professional AI Animation Generator
Krikey AI announced it has earned SOC2 Type II certification and Amazon Web Services Nonprofit and Education competency badges, confirming its 3D animation generator meets rigorous security and operational standards. The certifications validate institutional‑grade data protection for enterprises, schools, and nonprofit...
By MarTech Series
News•Feb 20, 2026
The CISO View of Fraud Risk Across the Retail Payment Ecosystem
In a Help Net Security interview, Paul Suarez, VP and CISO of Casey’s, explains that fuel‑payment hardware receives the same disciplined patching and modernization approach as other retail technology. He warns that QR‑code payment methods create fresh fraud opportunities, prompting...
By Help Net Security
News•Feb 20, 2026
Applying Green Energy Tax Policies to Improve Cybersecurity
Governments are proposing to mirror green‑energy tax incentives to boost cybersecurity, pairing financial rewards with a digital trust label similar to ENERGY STAR. The model would grant tax credits or rebates to firms that achieve the label, encouraging security‑by‑design across...
By Help Net Security
News•Feb 20, 2026
Google Threat Intelligence Report Highlights Growing Adversarial Exploitation of AI
Google’s Threat Intelligence Group released a new report detailing how adversarial AI is increasingly weaponized against enterprises. The study highlights a surge in model‑extraction attacks, where threat actors query commercial LLMs like Gemini to create compact replicas, and documents AI‑enhanced...
By Crowdfund Insider
News•Feb 20, 2026
Bell Cyber and Radware Expand AI-Driven, Cloud-Delivered Security Services
Bell Cyber and Radware have launched an AI‑driven, cloud‑delivered security service that merges Radware’s machine‑learning application protection with Bell Cyber’s fully managed SOC operations. The offering safeguards web applications, APIs, bots and DDoS attacks for ERP and SaaS environments while...
By ERP Today