Security Affairs newsletter Round 563 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini February 15, 2026

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are delivered free to your inbox.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Fintech firm Figure disclosed data breach after employee phishing attack
U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog
Suspected Russian hackers deploy CANFAIL malware against Ukraine
New threat actor UAT-9921 deploys VoidLink against enterprise sectors
Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release
Google: state-backed hackers exploit Gemini AI for cyber recon and attacks
U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog
Odido confirms massive breach; 6.2 Million customers impacted
ApolloMD data breach impacts 626,540 people
LummaStealer activity spikes post-law enforcement disruption
Apple fixed first actively exploited zero-day in 2026
Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass
Volvo Group hit in massive Conduent data breach
Reynolds ransomware uses BYOVD to disable security before encryption
SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning
U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days
ZeroDayRAT spyware grants attackers total access to mobile devices
Senegal shuts National ID office after ransomware attack
Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data
China-linked APT UNC3886 targets Singapore telcos
Critical Fortinet FortiClientEMS flaw allows remote code execution
BeyondTrust fixes critical pre-auth bug allowing remote code execution
European Commission probes cyberattack on mobile device management system
Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor
Romania’s national oil pipeline firm Conpet reports cyberattack
Flickr moves to contain data exposure, warns users of phishing
DKnife toolkit abuses routers to spy and deliver malware since 2019

International Press – Newsletter

Cybercrime

Romanian oil pipeline operator Conpet discloses cyberattack    

Flickr Security Incident Tied to Third-Party Email System  

Senegal’s File Automation Directorate Hit by Cyberattack, Hackers Claim 139TB Data Breach  

Odido warns of data breach: millions of customer data stolen in cyber attack

BADIIS to the Bone: New Insights to a Global SEO Poisoning Campaign 

Malware

Threat Alert: TeamPCP, An Emerging Force in the Cloud Native and Ransomware Landscape  

Reynolds: Defense Evasion Capability Embedded in Ransomware Payload  

AgreeToSteal: The First Malicious Outlook Add-In Leads to 4,000 Stolen Credentials  

Fake recruiter campaign targets crypto devs

Hacking

Active Exploitation of SolarWinds Web Help Desk  

CVE-2026-1731: Pre-Auth RCE in BeyondTrust Remote Support & PRA  

Hacker Conversations: Professional Hacker Douglas Day  

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices

Reconnaissance Has Begun for the New BeyondTrust RCE (CVE-2026-1731): Here’s What We See So Far  

2026-01-14: The Day the telnet Died  

Intelligence and Information Warfare

Largest Multi-Agency Cyber Operation Mounted to Counter Threat Posed by Advanced Persistent Threat (APT) Actor UNC3886 to Singapore’s Telecommunications Sector  

Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data

Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT 

Russia’s hybrid attacks throughout Europe are becoming more dangerous  

UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering

North Korean IT workers are secretly employed in Norwegian companies 

GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use       

New threat actor, UAT-9921, leverages VoidLink framework in campaigns

Beyond the Battlefield: Threats to the Defense Industrial Base     

Fake recruiter campaign targets crypto devs  

Cybersecurity

Commission responds to cyber-attack on its central mobile infrastructure 

The February 2026 Security Update Review  

Conduent Breach Hits Volvo Group: Nearly 17,000 Employees’ Data Exposed  

Hacker linked to Epstein removed from Black Hat cyber conference website

Fintech lending giant Figure confirms data breach 

Weaponising AI: The New Cyber Attack Surface  

Russia tries to block WhatsApp, Telegram in communication blockade
