23rd February – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 23rd February, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
France’s Ministry of Economy has disclosed a data breach resulted from an unauthorized access to the national bank account registry FICOBA, impacting information tied to 1.2 million accounts. Exposed data includes names, addresses, account identifiers and, in some...
PII Pillage: How Attackers Use BitPanda to Plunder Credentials
By: Josh Varden, Cofense Phishing Defense CenterGiven cryptocurrency’s rise in popularity, it has slowly worked its way into the mainstream economy. Coins such as Bitcoin, Ethereum, Sol, and other digital currencies are commonly used in place of traditional currencies to complete transactions. To help manage transactions, an individual will need brokerage apps and services to ensure a safe, smooth,...
AWS Graviton4 instances now available on Elastic Cloud Hosted
Elastic Cloud now supports AWS Graviton4-powered ARM hardware profiles. CPU Optimized ARM delivers up to 15% better price-performance, while Storage Optimized ARM delivers up to 40% better price-performance. - Read more
CarGurus – 12,461,887 breached accounts
In February 2026, the automotive marketplace CarGurus was the target of a data breach attributed to the threat actor ShinyHunters. Following an attempted extortion, the data was published publicly and contained more than 12M email addresses across multiple files including user account ID mappings, finance pre-qualification application data and dealer account and subscription information. Impacted data also included names,...
Hackers Leveraging Multiple AI Services to Compromise 600+ FortiGate Devices
A financially motivated threat actor exploited various commercial generative AI services to compromise over 600 FortiGate devices across more than 55 countries between January 11 and February 18, 2026. The campaign marks a defining demonstration of how AI is lowering the technical entry barrier to offensive cyber operations, enabling a low- to medium-skilled individual or small group to execute...
CVE-2020-36426 An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).
Information published. - Read more
Latest article
Threat tactic spotlight: Subdomain takeover
In this blog post you’ll learn how to detect and prevent subdomain takeover – a tactic where threat actors exploit dangling DNS records to...
The Half-Life of Threat Intelligence: When Does an IOC Stop Being Useful?
The concept of the IOC — the Indicator of Compromise — sits at the operational heart of modern threat detection. Block the IP. Flag...
Best Prime Day Tech Deals: Apple, Bose, Garmin, and More
Shop early Amazon Prime Day tech deals on earbuds, mice, routers, doorbells, headphones, smartwatches, Android phones, and fitness watches.
The post Best Prime Day Tech...
SprySOCKS Backdoor Expands From Linux to Windows
China-linked SprySOCKS backdoor gains stealthy Windows variants and 30-plus C2 commands - Read more
