Daily Digest

Microsoft Patches Six Exploited Zero-Days in Massive February Update; CISA Warns of Chinese BRICKSTORM Malware

February 12, 2026

9 articles (8 new, 1 updated)

27 min read

Summary

This cybersecurity brief for February 12, 2026, covers a critical Microsoft Patch Tuesday addressing 58 vulnerabilities, including six actively exploited zero-days now on CISA's KEV list. Concurrently, CISA, NSA, and Canadian partners released an updated advisory on the BRICKSTORM backdoor, a sophisticated malware used by Chinese state-sponsored actors to target VMware environments for long-term persistence. Other major incidents include a massive data breach at Dutch telecom giant Odido affecting 6.2 million customers, attributed to the ShinyHunters group, and a surge in ransomware attacks prompting new FCC guidance for communications providers.

Filter by Category

New Articles (8)

Dutch Telecom Odido Hit by Massive Data Breach; 6.2 Million Customers Exposed

CRITICAL

ShinyHunters Claims Responsibility for Odido Data Breach Affecting 6.2 Million Customers in the Netherlands

Odido, the largest mobile provider in the Netherlands, has suffered a colossal data breach exposing the personal information of 6.2 million customers. The company confirmed the incident on February 12, 2026, after detecting unauthorized access to a customer contact system over the previous weekend. The compromised data is extensive, including names, addresses, phone numbers, email addresses, dates of birth, and, in some cases, bank account (IBAN) and government ID numbers. The threat actor group ShinyHunters has claimed responsibility, allegedly after Odido refused to pay a ransom. The attack is believed to have been initiated through a sophisticated social engineering campaign targeting customer service employees. A criminal investigation has been launched by Dutch authorities.

February 12, 2026

6 min read

Data BreachOdidoShinyHuntersNetherlandsTelecommunications +4 more

Data Breach

Phishing

Threat Actor

Automotive Cyber Risk Escalates to Enterprise-Wide Challenge, VicOne Report Warns

INFORMATIONAL

VicOne's 2026 Report Reveals Automotive Cyber Incidents Now Span Entire Organizations

A new report from automotive cybersecurity firm VicOne, released on February 11, 2026, warns that cyber threats in the automotive industry have evolved from isolated technical issues into enterprise-wide risks. Titled "Crossroads: Automotive Cybersecurity in the Overlap Era," the report finds that cross-organizational cyber incidents tripled in 2025. This trend is driven by the centralization of software platforms and over-the-air (OTA) update infrastructures, which magnify the impact of a single security failure. The report also highlights the "Overlap Era," where legacy vehicle systems, software-defined vehicles, and AI create a complex, interconnected risk landscape. VicOne also points to a significant blind spot in vulnerability management, having discovered 174 zero-day vulnerabilities in connected vehicles and EV chargers that are not tracked in the public CVE system.

February 12, 2026

5 min read

Automotive CybersecurityVicOneSDVOTAAI +3 more

Automotive Cyber Risk Escalates to Enterprise-Wide Challenge, VicOne Report Warns

Policy and Compliance

Threat Intelligence

Other

SitusAMC Nears Completion of Data Breach Investigation from November 2025 Incident

HIGH

SitusAMC Issues Update on November 2025 Data Breach, Consumer Notifications Imminent

SitusAMC, a key technology and services provider for the real estate finance industry, announced on February 12, 2026, that it is finalizing its investigation into a data breach first detected in November 2025. The company stated that notifications to affected consumers will be sent out in the coming weeks. The breach, which did not involve ransomware, compromised corporate data and potentially the personal and financial information of its clients' customers, which include major financial institutions. The incident highlights the significant supply chain risk in the financial sector, as a breach at a single vendor can have cascading effects on numerous banks and their customers. SitusAMC has confirmed the threat actor has been removed from its systems.

February 12, 2026

4 min read

SitusAMCData BreachSupply Chain AttackFinancial ServicesThird-Party Risk

Data Breach

Supply Chain Attack

Incident Response

Arizona Urology Practice Breach Exposes PHI of Over 73,000 Patients

HIGH

Academic Urology & Urogynecology of Arizona Notifies 73,281 Patients of May 2025 Data Breach

Academic Urology & Urogynecology of Arizona (AUUA) has begun notifying 73,281 individuals that their personal and protected health information (PHI) was compromised in a data breach that occurred in May 2025. The notification letters, sent starting February 12, 2026, come after a lengthy investigation determined that an unauthorized party had accessed the network between May 18 and May 22, 2025. The exposed data is highly sensitive and includes names, Social Security numbers, financial account information, and detailed medical information such as diagnoses, treatments, and prescriptions. While AUUA has no evidence of fraud resulting from the incident, it is offering complimentary credit monitoring to affected individuals.

February 12, 2026

5 min read

Data BreachHealthcareHIPAAPHIPII +1 more

Arizona Urology Practice Breach Exposes PHI of Over 73,000 Patients

Data Breach

Regulatory

Turkish Retailer Civil Mağazacılık Breach Exposes Data of 4.5 Million

HIGH

Turkish Children's Retailer Civil Mağazacılık Reports Data Breach Affecting 4.5 Million Customers and Employees

Civil Mağazacılık, a major Turkish retailer specializing in baby and children's products, has reported a significant data breach estimated to affect 4.5 million individuals. According to a notification filed with Turkey's Personal Data Protection Authority (KVKK), the breach began on February 12, 2026, but was not detected until February 28. Attackers gained access to a Windows Server hosting the company's CRM database using an administrator account and exfiltrated the contents. The compromised data includes sensitive personal information such as full names, Turkish ID numbers (T.C. kimlik no), phone numbers, and email addresses. The KVKK has launched an investigation into the incident.

February 12, 2026

4 min read

Data BreachRetailTurkeyKVKKPII +1 more

Turkish Retailer Civil Mağazacılık Breach Exposes Data of 4.5 Million

Data Breach

Regulatory

Starbucks Discloses Data Breach Affecting 889 Employees via Phishing Attack

MEDIUM

Phishing Campaign Against Starbucks' 'Partner Central' Portal Compromises Data of 889 Employees

Starbucks has revealed a data breach impacting 889 of its employees, or "partners," after their accounts on the company's 'Partner Central' portal were compromised. The breach was the result of a successful phishing campaign where employees were tricked into entering their credentials on imposter websites. The unauthorized access occurred over three weeks, between January 19 and February 11, 2026. The company discovered the activity on February 6 and contained it five days later. The exposed data is highly sensitive, including employees' full names, Social Security numbers, and financial account and routing numbers. Starbucks has stated that no customer data was affected and is providing identity theft protection services to the impacted employees.

February 12, 2026

4 min read

StarbucksData BreachPhishingPIISSN

Data Breach

Phishing

Higher Education Software Provider Nuventive Achieves SOC 2 Type II Compliance

INFORMATIONAL

Nuventive Announces Successful Completion of SOC 2 Type II Compliance Audit

Nuventive, a software company that provides data and improvement platforms for the higher education sector, announced on February 11, 2026, that it has successfully completed its System and Organization Controls (SOC) 2 Type II compliance audit. This certification, validated by the independent auditing firm A-LIGN, affirms that Nuventive's security practices, policies, and infrastructure meet the stringent trust services criteria set by the American Institute of Certified Public Accountants (AICPA). The achievement demonstrates the company's commitment to data security and provides assurance to its higher education clients that their sensitive institutional and student data is being managed securely.

February 12, 2026

3 min read

NuventiveSOC 2ComplianceAuditHigher Education +1 more

Higher Education Software Provider Nuventive Achieves SOC 2 Type II Compliance

Policy and Compliance

Regulatory

Europe's Largest University, La Sapienza, Crippled by Ransomware Attack

CRITICAL

La Sapienza University in Rome Remains Largely Offline Following Major Cyberattack Attributed to Pro-Russian Group

La Sapienza University in Rome, Europe's largest university, continues to reel from a major cyberattack that began in early February 2026. The attack forced a precautionary shutdown of most of its IT systems, causing widespread disruption for its 112,500 students and staff. As of February 11, many digital services, including the main website, remained offline. While the university has not officially confirmed the details, reports attribute the incident to a pro-Russian threat actor group named Femwar02, using a strain of Bablock/Rorschach ransomware. A ransom note was reportedly found, but the university has avoided engagement. The incident highlights the growing trend of ransomware attacks targeting the academic sector.

February 12, 2026

5 min read

RansomwareLa SapienzaUniversityEducationItaly +3 more

Ransomware

Cyberattack

Threat Actor

Updated Articles (1)

FCC Warns Telecoms of 4x Increase in Ransomware, Urges Better Security

INFORMATIONAL

FCC Issues Alert to Telecommunications Sector Amidst Rising Ransomware Attacks

Update:

New reports from February 12, 2026, highlight a significant escalation in ransomware activity, with a 31.4% increase in incidents over the past four months compared to the 2025 average. January 2026 alone saw 679 claimed attacks, with the U.S. remaining the primary target and the healthcare sector most affected. The Qilin ransomware group was particularly active, claiming 115 victims. The FCC's Public Safety and Homeland Security Bureau's public notice (DA 26-83) on January 29, 2026, further emphasizes the need for communications providers to adopt stronger cybersecurity measures, now explicitly including comprehensive risk management plans and 'zero trust' architecture, alongside previously recommended MFA, patching, and network segmentation.

February 3, 2026

Updated: February 12, 2026

5 min read

FCCtelecomransomwareregulationnational security

FCC Warns Telecoms of 4x Increase in Ransomware, Urges Better Security

Policy and Compliance

Regulatory

Ransomware

📢 Share This Publication

Help others stay informed about cybersecurity threats