Latest Internet & Cybersecurity News
Google Patches First Actively Exploited Chrome Zero-Day of 2026
Google released an emergency Chrome update on Friday to address a zero-day vulnerability (CVE not specified) actively exploited in the wild. This marks the first such Chrome zero-day patched this year, urging users to update immediately.
Check Point also noted Google patching 11 vulnerabilities in Chrome 145.
BeyondTrust Critical Vulnerability Under Active Exploitation
CVE-2026-1731 (CVSS 9.9) in BeyondTrust Remote Support and Privileged Remote Access is exploited within 24 hours of PoC release, enabling unauthenticated RCE. Attackers send crafted requests for remote code execution.
Check Point IPS provides protection against this command injection flaw.
Odido Telco Breach Exposes Millions of Dutch Customers
Netherlands' largest mobile operator Odido suffered a breach in its customer contact system, potentially affecting 6.2 million users. Compromised data includes names, addresses, emails, IBANs, birth dates, and ID numbers, but no passwords or billing info.
The company engaged experts and assured operational services remain unaffected.
Luxury Brands Dior, Louis Vuitton, Tiffany Fined $25M in South Korea
South Korean authorities fined Dior, Louis Vuitton, and Tiffany $25 million over massive data breaches from a recent hacker attack. The penalties highlight accountability for luxury firms handling customer data.
This underscores growing regulatory scrutiny on breach responses.
Fintech Figure Discloses Data Breach from Employee Phishing
Fintech firm Figure revealed a data breach on February 16, 2026, triggered by an employee phishing attack. Details on exposed data remain limited, but it adds to rising phishing incidents.
Organizations are urged to bolster anti-phishing training.
Microsoft Releases February 2026 Patch Tuesday Updates
Microsoft issued its February 2026 Patch Tuesday, addressing multiple vulnerabilities as noted in Check Point's report. This routine update is critical amid rising exploit trends.
Users should apply patches promptly to mitigate risks.
TeamPCP Hijacks Cloud Infrastructure for Cybercrime
Threat cluster TeamPCP targets misconfigured cloud environments like Docker, Kubernetes, and Redis for crypto mining, proxyware, and extortion. They scan IP ranges for vulnerabilities like React2Shell.
This highlights dangers of exposed cloud APIs.
DragonForce Ransomware Cartel Expands Operations
S2W detailed DragonForce, a RaaS group since 2023, growing via attacks on rivals and partnerships to dominate ransomware ecosystem. It promotes itself as a cartel for influence.
Ransomware volatility continues with groups like Qilin surging.
First Contact Health Sanctioned for Cybersecurity Failings
First Contact Health faced sanctions for lacking MFA, conditional access, and monitoring tools, exposing health data. An enforcement order mandates security improvements or face stricter action.
Robust authentication is essential for sensitive data handlers.
Rise of Agentic AI and Quantum Threats in 2026 Cybersecurity
2026 sees Agentic AI enabling autonomous attacks and 'Harvest Now, Decrypt Later' quantum risks intensifying. Focus shifts to resilient recovery and identity-first security.
Federal agencies prioritize post-quantum crypto and continuous verification.
German Warning on State-Sponsored Phishing via Messaging Apps
German intelligence warns of state-sponsored phishing abusing messaging apps, amid rising brand impersonation since February. Phishing attacks surged, prompting expert vigilance.
Multi-channel tactics like ClickFix rose 500%.
Aries Global Acquires IS Decisions for Enhanced Access Security
On February 16, 2026, Aries Global acquired IS Decisions, boosting Active Directory security with UserLock and FileAudit. Products offer MFA, session controls, and AI-ready analytics for hybrid environments.
This strengthens identity protection amid perimeter shifts.