Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-18 07:00 PST
- Data breach at fintech firm Figure affects nearly 1 million accounts
BleepingComputer • 2026-02-18 06:01 • www.bleepingcomputer.com
Hackers have stolen the personal and contact information of nearly 1 million accounts after breaching the systems of Figure Technology Solutions, a self-described blockchain-native financial technology company. […]
https://www.bleepingcomputer.com/news/security/data-breach-at-fintech-firm-figure-affects-nearly-1-million-accounts/ - Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs
The Hacker News • 2026-02-18 05:16 • thehackernews.com
Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors to steal local files and execute code remotely.
The extensions, which have been collectively installed more than 125 million times, are Live Server, Code Runner, Markdown Preview Enhanced, and
https://thehackernews.com/2026/02/critical-flaws-found-in-four-vs-code.html - AI Found Twelve New Vulnerabilities in OpenSSL
Schneier on Security • 2026-02-18 04:03 • www.schneier.comThe title of the post is”What AI Security Research Looks Like When It Works,” and I agree:
In the latest OpenSSL security release> on January 27, 2026, twelve new zero-day vulnerabilities (meaning unknown to the maintainers at time of disclosure) were announced. Our AI system is responsible for the original discovery of all twelve, each found and responsibly disclosed to the OpenSSL team during the fall …
https://www.schneier.com/blog/archives/2026/02/ai-found-twelve-new-vulnerabilities-in-openssl.html - Microsoft says bug causes Copilot to summarize confidential emails
BleepingComputer • 2026-02-18 04:03 • www.bleepingcomputer.com
Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely on to protect sensitive information. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-bug-causes-copilot-to-summarize-confidential-emails/ - Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability
The Hacker News • 2026-02-18 03:58 • thehackernews.com
In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and adjusted course to reach safe harbors of resilience, trust, and compliance.
In 2026, the seas are no longer calm between storms. Cybersecurity now unfolds in a state of continuous atmospheric instability: AI-driven threats that adapt in real time, expanding
https://thehackernews.com/2026/02/cybersecurity-tech-predictions-for-2026.html - Dutch police arrest man for “hacking” after accidentally sending him confidential files
Graham Cluley • 2026-02-18 02:52 • www.bitdefender.com
Police in The Netherlands say they have arrested a 40-year-old man on suspicion of hacking… after police officers accidentally sent him a link granting him access to their own confidential documentsRead more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/dutch-police-arrest-man-hacking-accidentally-sending-confidential-files - Glendale man gets 5 years in prison for role in darknet drug ring
BleepingComputer • 2026-02-18 02:50 • www.bleepingcomputer.com
A Glendale man was sentenced to nearly five years in federal prison for his role in a darknet drug trafficking operation that sold cocaine, methamphetamine, MDMA, and ketamine to customers across the United States. […]
https://www.bleepingcomputer.com/news/security/glendale-man-gets-5-years-in-prison-for-role-in-darknet-drug-trafficking-operation/ - Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
The Hacker News • 2026-02-18 02:32 • thehackernews.com
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG).
The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials
https://thehackernews.com/2026/02/dell-recoverpoint-for-vms-zero-day-cve.html - 3 Ways to Start Your Intelligent Workflow Program
The Hacker News • 2026-02-18 02:30 • thehackernews.com
Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock the full potential of AI and automation. But simply investing in tools isn’t enough. 88% of AI proofs-of-concept never make it to production, even though 70% of workers cite freeing time for high-value work as the primary AI automation motivation. Real impact comes
https://thehackernews.com/2026/02/3-ways-to-start-your-intelligent.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
