Latest Internet & Cybersecurity News
Microsoft February 2026 Patch Tuesday Addresses 60 Vulnerabilities Including Six Zero-Days
Microsoft released patches for 60 vulnerabilities, highlighting six new and actively exploited zero-days in Windows, Office, and Azure products. Experts prioritize CVE-2026-21510, CVE-2026-21513, CVE-2026-21514 for bypassing security features like Mark of the Web, and CVE-2026-21525 for DoS in Remote Access Connection Manager. IT teams urged to patch immediately to prevent ransomware and data theft.
Six Zero-Day Vulnerabilities Actively Exploited in Microsoft Products
The zero-days include feature bypasses (CVE-2026-21510, CVE-2026-21514), privilege escalations (CVE-2026-21519, CVE-2026-21533), and DoS (CVE-2026-21525), affecting all supported Windows versions. Attackers exploit them via malicious files and remote access for system control. Prioritize patching Exchange and Azure flaws alongside zero-days.
Kaspersky Releases 2026 Cyber Threat Predictions on Safer Internet Day
Kaspersky warns AI-driven threats will cause cross-sector disruptions in India's digital economy, targeting telecom, ICS, and finance with APTs, ransomware, and deepfakes. AI poses risks in network management, 5G, and supply chains across APAC. Proactive defenses essential as threats operate at machine speed.
CISA Alerts on OT Vulnerabilities After Poland Energy Sector Attack
A late-December attack in Poland damaged RTUs, corrupted firmware, and wiped HMI data at 30+ renewable sites via insecure edge devices and default credentials. CISA urges firmware verification, password changes, and incident plans for OT/ICS. Exposed devices remain primary targets for destructive intrusions.
Ransomware Remains Top AI Threat with Costs Projected at $74 Billion in 2026
Cybersecurity Ventures predicts ransomware damages rising 30% to $74B, evolving with AI for extortion beyond encryption, industrial control contagion, and nation-state destabilization. ZDNet lists 10 AI damage ways including deepfakes and insider threats. Credential mismanagement persists as key challenge.
Extortion Attacks Surge 63% in 2025, Targeting Supply Chains
Intel 471 reports 6,800 extortion attacks in 2025, up 63%, hitting vendors, manufacturing; U.S. most affected. Actors exploited 40% of vulnerabilities; AI to speed exploits in 2026 via remote portals and stolen credentials. Supply-chain breaches like Cleo, Salesloft enable mass intrusions.
Conduent Data Breach Exposes Volvo Group and 25 Million Individuals
Conduent breach now impacts 25 million people, up from 10 million, affecting Volvo Group employees' data. Incident highlights ongoing risks from third-party vendors in supply chains. Businesses urged to monitor for downstream effects.
SAP Releases 27 Security Notes Including Two Critical Vulnerabilities
SAP issued 27 new and updated notes on Patch Tuesday, addressing two critical-severity flaws amid Microsoft updates. Organizations must patch to mitigate enterprise risks. Combined with Microsoft flaws, underscores vendor ecosystem vulnerabilities.
AI-Driven Attacks Raise Stakes for Technology Companies in 2026
AI enables realistic phishing, deepfakes, and scaled attacks harder to detect; tech firms face high impact from sensitive data handling. Mitigation includes AI scam training, identity protocols, and pen testing. Ransomware more disruptive than ever.
Russian Hacktivists Target UK with DDoS Amid Geopolitical Tensions
NCSC warns of pro-Russian DDoS attacks on UK organizations, overwhelming websites and services; simple but impactful. Follows alerts on NATO targeting during Ukraine conflict. Review defenses urged.
2026 Demands Resilience from CISOs Amid AI and Geopolitical Risks
CISOs face AI risks, nonstop cyberpressures, and disruptions requiring rethink of governance and continuity. Focus shifts to resilience in interconnected threats. Predictions align with Kaspersky's sector warnings.
N.S. Energy Regulator Probes 2025 Utility Cyberattack Fallout
March 2025 attack exposed 280,000 customers' data at Nova Scotia utility; dual inquiry into breach and billing issues. Highlights persistent energy sector vulnerabilities. Ongoing risks post-Poland incident.