• SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.We provide a valuable summary of stories th
• Why the shift left dream has become a nightmare for security and developers February 20, 2026 09:45 AM 0 Written by Ivan Milenkovic, Vice President Risk Technology EMEA, Qualys F
• Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered cod
• Threat Intelligence Cyber Risk Cybersecurity Operations Cyberattacks & Data Breaches News Breaking cybersecurity news, news analysis, commentary, and other content from around th
• PayPal disclosed a data breach affecting PPWC loan app, exposing sensitive info for 6 months. • Breach spanned July 1 to December 13, 2025, revealing names, emails, phone, busine
• • February 20, 2026 11:39 AM Can we read something that is not behind a paywall? • Clive Robinson • February 20, 2026 2:57 PM @ Who?, ALL, ‘Can we read something that is not behi
• ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware Cybersecurity researchers have disclosed details of a newClickFixcampaign that abuses compromised legitimate
• The University of Mississippi Medical Center (UMMC) closed all its clinic locations statewide on Thursday following a ransomware attack. • UMMC has over 10,000 employees and, as
• A flash alert published on Thursday by the FBI warns of an increase in malware-enabled ATM jackpotting attacks in the United States.According to the agency, roughly 1,900 ATM jac
• One in three cyber-attacks now involve compromised employee accounts, driving insurers to focus on identity posture. • Password hygiene, privileged access management, and MFA cov
• The FBI warned that Americans lost more than $20 million last year amid a massive surge in ATM ‘jackpotting’ attacks, in which criminals use malware to force cash machines to dis
• Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case A 29-year-old Ukrainian national has beensentenced to five years in prisonin the U.S. • for his role i
• Japanese chip testing giant Advantest Corporation (TSE: 6857) has been targeted in a ransomware attack.Advantest makes automatic test equipment for the semiconductor industry. •
• FeaturedIntroducing ‘AI Unlocked: Decoding Prompt Injection,’ a New Interactive ChallengeFeb 18, 2026Exposing Insider Threats through Data Protection, Identity, and HR ContextFeb
• FeaturedIntroducing ‘AI Unlocked: Decoding Prompt Injection,’ a New Interactive ChallengeFeb 18, 2026Exposing Insider Threats through Data Protection, Identity, and HR ContextFeb
• FeaturedIntroducing ‘AI Unlocked: Decoding Prompt Injection,’ a New Interactive ChallengeFeb 18, 2026Exposing Insider Threats through Data Protection, Identity, and HR ContextFeb
• FeaturedIntroducing ‘AI Unlocked: Decoding Prompt Injection,’ a New Interactive ChallengeFeb 18, 2026Exposing Insider Threats through Data Protection, Identity, and HR ContextFeb
• FeaturedIntroducing ‘AI Unlocked: Decoding Prompt Injection,’ a New Interactive ChallengeFeb 18, 2026Exposing Insider Threats through Data Protection, Identity, and HR ContextFeb
• Ukrainian gets 5 years for helping North Koreans infiltrate US firms February 20, 2026 04:00 AM 0 A Ukrainian national was sentenced to five years in prison for providing North K
• FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025 The U.S. • Federal Bureau of Investigation (FBI) has warned of an increase in ATM jackpotting incidents
• Former Google Engineers Indicted Over Trade Secret Transfers to Iran Two former Google engineers and one of their husbands have beenindictedin the U.S. • for allegedly committing
• Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran Two former Google engineers and one of their husbands have beenindictedin the U.S. • for allegedly comm
• ISC Stormcast For Friday, February 20th, 2026 https://isc.sans.edu/podcastdetail/9818 Handler on Duty: Johannes Ullrich Threat Level: green My next class: Application Security: S
• As scaled-down circuits with limited functions redefine computing for AI systems and autonomous vehicles, their flexibility demands new approaches to safeguard critical infrastru
• Executive Summary On Feb. • 6, 2026, BeyondTrust released a security advisory regarding CVE-2026-1731. • BeyondTrust is an identity and access management platform. • This specifi
• PromptSpy is the first known Android malware to use generative AI at runtime February 19, 2026 05:36 PM 0 Researchers have discovered the first known Android malware to use gener
• Application Security Cyber Risk Cyberattacks & Data Breaches Vulnerabilities & Threats News Supply Chain Attack Secretly Installs OpenClaw for Cline Users The malicious version o
• A user-friendly PhaaS tool beats standard methods for detecting phishing attacks by live-proxying legitimate login sites.
• Unprotected cloud data sends the wrong signal at a time when the emirate’s trying to attract investors and establish itself as a global financial center.
• Under the Hood of DynoWiper [This is a Guest Diary contributed by John Moutos] Overview In this post, I’m going over my analysis of DynoWiper, a wiper family that was discovered
• PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence Cybersecurity researchers have discovered what they say is the first Android malware that abuses Ge
• INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown An international cybercrime operation against online scams has led to 651 arrests and recovered more t
• Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an atta
• Google blocked over 1.75 million Play Store app submissions in 2025 February 19, 2026 12:00 PM 0 Google says that through 2025, it blocked more than 255,000 Android apps from obt
• Share Link copied to clipboard! • Content types Best practices Topics Data security Network security Security management Effective exposure management begins by illuminating and
• Self-hosted agent runtimes like OpenClaw are showing up fast in enterprise pilots, and they introduce a blunt reality: OpenClaw includes limited built-in security controls. • The
• Reused passwords, a lack of network segmentation, and poor sanitization processes make the Internet of Things’ attack surfaces more dangerous.
• Reused passwords, a lack of network segmentation, and poor sanitization processes make the Internet of Things’ attack surfaces more dangerous.
• How infostealers turn stolen credentials into real identities February 19, 2026 10:05 AM 0 Modern infostealers have expanded credential theft far beyond usernames and passwords.
• France’s Ministry of Economy on Wednesday disclosed a breach that exposed information on 1.2 million bank accounts.Investigators discovered unauthorized access to the national ba
• OpenSSL RCE vulnerability threatens legacy systems, demanding urgent patching across enterprises. • Foxit PDF zero-days expose document readers to remote code execution, affectin
• Nigerian man gets eight years in prison for hacking tax firms February 19, 2026 08:51 AM 0 A Nigerian national was sentenced to eight years in prison for hacking multiple tax pre
• Nearly 1 million user records have been compromised in a data breach at blockchain-powered lender Figure Technology Solutions.The companyconfirmedto TechCrunch that it suffered a
• Texas sued networking giant TP-Link Systems, accusing the company of deceptively marketing its routers as secure while allowing Chinese state-backed hackers to exploit firmware v
• Hackers target Microsoft Entra accounts via device code vishing, exploiting OAuth 2.0 flow. • Attack uses legitimate OAuth client IDs, bypassing phishing sites and standard login
• Venice Security on Wednesday emerged from stealth mode with $33 million in funding for its adaptive enterprise privileged access management platform.The company, formerly named V
• Malicious AI Summary: An AI agent of unknown ownership autonomously wrote and published a personalized hit piece about me after I rejected its code, attempting to damage my reput
• From Exposure to Exploitation: How AI Collapses Your Response Window We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just
• Police arrests 651 suspects in African cybercrime crackdown February 19, 2026 06:24 AM 0 African law enforcement agencies arrested 651 suspects and recovered over $4.3 million in
• Introduction In October 2025, we discovered a series of forum posts advertising a previously unknown stealer, dubbed ‘Arkanix Stealer’ by its authors. • It operated under a MaaS
• OpenClaw is rarely out of the news, but not necessarily under that name. • This ‘autonomous personal assistant’ started life as Clawdbot, changed its name to Moltbot, and is now
• Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users Cybersecurity researchers have disclosed details of a new Android trojan calledMassivthat’s designed t
• New ‘Massiv’ Android banking malware poses as an IPTV app February 19, 2026 05:00 AM 0 A new Android banking malware, which researchers named Massiv, is posing as an IPTV app to
• Deutsche Bahn, Germany’s national rail operator, has been dealing with a large-scale distributed denial-of-service (DDoS) attack that has disrupted some of its IT systems.Regular
• CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware Cybersecurity researchers have disclosed details of a new campaign dubbedCRESCENTHARVEST, likely targeti
• Patch Tuesday 2026 fixed 59 CVEs, including six critical zero‑days. • CVE‑2026‑21533: Windows Remote Desktop elevation of privilege, CVSS 7.8. • Exploit modifies service config k
• Survey underscores the reality that scammers follow ‘scalable opportunities and low friction,’ rather than rich targets that tend to be better protected.
• ISC Stormcast For Thursday, February 19th, 2026 https://isc.sans.edu/podcastdetail/9816 Handler on Duty: Johannes Ullrich Threat Level: green My next class: Application Security:
• Insider threats pose a growing risk to organizations. • Whether insiders take malicious actions, exhibit negligent behavior, or make accidental errors, they have the potential to
• A convincing presale site for phony ‘Google Coin’ features an AI assistant that engages victims with a slick sales pitch, funneling payment to attackers.