Daily Digest

Critical Dell Zero-Day Exploited by Chinese Spies; Massive Data Breaches Strike French Government and Dutch Telecom

February 19, 2026

7 articles (6 new, 1 updated)

21 min read

Summary

This cybersecurity brief for February 19, 2026, is dominated by the discovery of a critical 10.0 CVSS zero-day in Dell RecoverPoint, actively exploited by a Chinese espionage group since mid-2024. The period also saw two massive data breaches: France's national bank registry (FICOBA) was compromised, exposing 1.2 million accounts, while Dutch telecom giant Odido suffered a breach affecting over 6 million customers. Other significant events include a vishing attack on fintech firm Figure claimed by ShinyHunters, a supply chain incident at an Adidas partner, and a critical vulnerability allowing eavesdropping on Grandstream VoIP phones. Regulatory bodies like the FCC and CISA issued urgent warnings, highlighting the escalating ransomware and exploitation risks.

Filter by Category

New Articles (6)

Adidas Investigates Third-Party Data Breach After Lapsus$ Claims 815k Record Theft

MEDIUM

Adidas Probes Supply Chain Breach at Partner Firm; Lapsus$ Affiliate Claims Responsibility

Sportswear giant Adidas is investigating a data breach at an independent third-party partner responsible for distributing its martial arts products. The investigation follows a claim made on a hacking forum by a threat actor using the alias 'LAPSUS-GROUP', who alleged the theft of 815,000 records from the Adidas partner extranet. The stolen data reportedly includes user PII and technical data. Adidas stated that its own core IT infrastructure and consumer data are not affected, but the incident highlights the significant risks posed by supply chain security vulnerabilities.

February 19, 2026

5 min read

supply chain attackdata breachAdidasLapsus$third-party risk +1 more

Supply Chain Attack

Data Breach

Threat Actor

DEF CON Bans Three Prominent Tech Figures Over Links to Jeffrey Epstein

INFORMATIONAL

DEF CON Hacking Conference Bans Pablos Holman, Vincenzo Iozzo, and Joichi Ito Amid Epstein Fallout

The DEF CON hacking conference has permanently banned three well-known figures from the technology and cybersecurity community: inventor Pablos Holman, cybersecurity executive Vincenzo Iozzo, and former MIT Media Lab director Joichi 'Joi' Ito. The decision follows the release of Department of Justice files and investigative reports detailing their connections and interactions with the late convicted sex offender Jeffrey Epstein. The move reflects an effort by the influential conference to uphold ethical standards and distance the community from the scandal, though it has been met with some criticism.

February 19, 2026

3 min read

DEF CONEpsteinethicscybersecurity communityPablos Holman +2 more

DEF CON Bans Three Prominent Tech Figures Over Links to Jeffrey Epstein

Policy and Compliance

Regulatory

Other

Asahi Confirms 115k Records Leaked in 2025 Ransomware Attack, Details New Security Measures

HIGH

Asahi Group Holdings Confirms Scope of Data Leak from September 2025 Ransomware Incident

Japanese food and beverage giant Asahi Group Holdings has provided a final update on the ransomware attack that crippled its operations in September 2025. The company confirmed the incident resulted in the leak of 115,513 sets of personal data, including information belonging to corporate clients and its own employees. The attack had previously caused severe system glitches, forcing a suspension of production and shipments. In its announcement, Asahi detailed a series of new security enhancements being implemented to prevent future incidents.

February 19, 2026

3 min read

ransomwaredata breachAsahiincident responsemanufacturing +1 more

Ransomware

Data Breach

Incident Response

WEF Report: AI Supercharges Cyber Arms Race, Widens Global 'Cyber Equity' Gap

INFORMATIONAL

World Economic Forum's Global Cybersecurity Outlook 2026 Highlights AI Risks and 'Security Poverty Line'

The World Economic Forum's (WEF) "Global Cybersecurity Outlook 2026" report warns of a deepening 'cyber equity' gap, where many organizations are falling below a 'security poverty line' and lack the resources to defend against modern threats. The report, based on data from 800 global leaders, also highlights the dual-edged role of AI, noting that while more organizations are assessing AI tools, 87% of leaders believe AI will significantly amplify cyber threats. The WEF calls for greater public-private collaboration to address these systemic risks to the global digital ecosystem.

February 19, 2026

4 min read

World Economic ForumWEFAIcybersecurity outlookcyber equity +2 more

WEF Report: AI Supercharges Cyber Arms Race, Widens Global 'Cyber Equity' Gap

Policy and Compliance

Regulatory

Threat Intelligence

Lumifi Inks Deal with Vizient to Strengthen Cybersecurity for US Healthcare Sector

INFORMATIONAL

Lumifi Announces Agreement with Vizient to Provide Cybersecurity Services to Healthcare Organizations

Cybersecurity provider Lumifi has announced a new contract with Vizient, the largest provider-driven healthcare performance improvement company in the United States. The agreement will give Vizient's extensive network of member organizations, including hospitals and healthcare providers, enhanced access and pricing for Lumifi's full suite of security services. The partnership aims to help healthcare organizations combat rising cyber threats like ransomware and address compliance demands and staffing shortages by providing services like 24/7 MDR, SOC-as-a-Service, and incident response.

February 19, 2026

3 min read

LumifiVizienthealthcareMDRSOC-as-a-Service +2 more

Lumifi Inks Deal with Vizient to Strengthen Cybersecurity for US Healthcare Sector

Security Operations

Incident Response

Policy and Compliance

CISA Adds Four Actively Exploited Flaws in Chrome, Windows, Zimbra to KEV Catalog

HIGH

CISA Mandates Patching for Four New Known Exploited Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, confirming they are being actively abused in the wild. The flaws affect a range of widely used products from Google (Chrome), Microsoft (Windows), Zimbra (Collaboration Suite), and ThreatSonar. By adding these to the KEV catalog, CISA has issued a binding operational directive requiring U.S. federal civilian agencies to apply patches by a specified deadline. All organizations are strongly urged to prioritize these vulnerabilities for immediate remediation.

February 19, 2026

4 min read

CISAKEVvulnerabilityexploitationpatch management +3 more

CISA Adds Four Actively Exploited Flaws in Chrome, Windows, Zimbra to KEV Catalog

Patch Management

Vulnerability

Regulatory

Updated Articles (1)

Dutch Telecom Odido Hit by Massive Data Breach; 6.2 Million Customers Exposed

CRITICAL

ShinyHunters Claims Responsibility for Odido Data Breach Affecting 6.2 Million Customers in the Netherlands

Update:

New details reveal attackers directly contacted Odido for extortion. The company confirmed that passwords, call records, and billing information were not compromised. The update also provides specific cyber observables for detection, including database audit logs and network egress patterns, and highlights potential national security implications due to the widespread leak of government ID details.

February 12, 2026

Updated: February 19, 2026

6 min read

Data BreachOdidoShinyHuntersNetherlandsTelecommunications +4 more

Data Breach

Phishing

Threat Actor

📢 Share This Publication

Help others stay informed about cybersecurity threats