breach🌐InternationalSecurity Affairs
February 2026 Cyber Roundup: Breaches, Exploits, and APT Activity
Sunday, February 15, 2026
What
This report compiles a wide array of recent cybersecurity incidents, underscoring a complex and evolving threat landscape. It matters because it highlights the persistent and varied challenges organizations face, from data theft to critical infrastructure attacks.
Where
Affected entities span fintech (Figure), healthcare (ApolloMD), telecommunications (Odido, Singapore telcos), government (Senegal, Dutch agencies), and critical infrastructure (Conpet, Volvo Group), impacting customers and employees globally.
When
The incidents and disclosures primarily occurred in February 2026, as reported in the newsletter dated February 15, 2026.
Key Factors
- •Multiple organizations, including Figure, Odido, ApolloMD, and Volvo Group, reported large-scale data breaches, often initiated by phishing or third-party vendor compromises.
- •Several critical vulnerabilities in enterprise software (e.g., BeyondTrust, Ivanti, SolarWinds, Apple, Microsoft) were actively exploited, with some added to CISA's Known Exploited Vulnerabilities catalog.
- •State-backed APT groups (e.g., UNC3886, Google-linked actors) and new threat actors (UAT-9921 deploying VoidLink) continue to target various sectors using advanced malware and AI for reconnaissance.
Takeaways
- →Organizations must maintain rigorous patch management programs and promptly address vulnerabilities, especially those listed in CISA's KEV catalog.
- →Implement comprehensive security awareness training to counter phishing attacks and strengthen incident response capabilities for rapid breach containment.
Read Full Article
Opens original article on Security Affairs
