Daily Digest

CISA Warns of Active Ransomware Attacks Exploiting Critical BeyondTrust and Dell Zero-Day Flaws

CISA Warns of Active Ransomware Attacks Exploiting Critical BeyondTrust and Dell Zero-Day Flaws

February 21, 2026
7 articles (3 new, 4 updated)
21 min read

Summary

This 24-hour period is marked by high-severity alerts from CISA regarding the active exploitation of critical vulnerabilities in BeyondTrust and Dell products for ransomware and espionage campaigns. Major ransomware attacks have crippled Mississippi's largest hospital system (UMMC) and hit Japanese semiconductor giant Advantest. Significant data breaches were also disclosed, including a leak of 1.2 million French bank accounts, a six-month-long exposure at PayPal, and a major theft of PII from educational provider Kaplan. These incidents highlight escalating threats against critical infrastructure, supply chains, and sensitive government databases.

Filter by Category

New Articles (3)

PayPal Discloses Data Breach After Software Bug Exposes User PII for Six Months

MEDIUM

PayPal Notifies Users of Data Breach in Working Capital Program Exposing SSNs

PayPal has disclosed a data breach resulting from a software bug in its PayPal Working Capital (PPWC) loan application. The flaw, which went undetected for nearly six months from July to December 2025, exposed the sensitive personal information of approximately 100 users. The compromised data includes names, addresses, dates of birth, and Social Security numbers. PayPal discovered the issue on December 12, 2025, and fixed it the next day. The company stated that a few customers experienced unauthorized transactions, which have since been refunded, and is offering two years of credit monitoring to those affected.

February 21, 2026
4 min read
PayPalData BreachSoftware BugVulnerabilityPII +2 more
PayPal Discloses Data Breach After Software Bug Exposes User PII for Six Months
Data Breach
Vulnerability

Kaplan Data Breach Exposed SSNs and Driver's Licenses of Over 200,000 Individuals

HIGH

Kaplan North America Concludes Breach Investigation, Confirms Theft of SSNs and Driver's Licenses

Educational services provider Kaplan North America has concluded its investigation into a 2025 cyberattack, confirming that files containing highly sensitive personal information were stolen. The breach, which occurred between October and November 2025, resulted in the exfiltration of names, Social Security numbers, and driver's license numbers. Regulatory filings show the breach impacted at least 173,676 residents in Texas, 26,612 in South Carolina, and 19,075 in Maine, with the total number likely being much higher. Kaplan is now notifying affected individuals and offering one year of identity protection services.

February 21, 2026
4 min read
KaplanData BreachPIISSNIdentity Theft +1 more
Kaplan Data Breach Exposed SSNs and Driver's Licenses of Over 200,000 Individuals
Data Breach
Regulatory

DHS Pressures Google, Meta, Reddit to Unmask Anonymous Critics of ICE

MEDIUM

DHS Issues Hundreds of Subpoenas to Tech Firms Demanding Identities of ICE Critics

The Department of Homeland Security (DHS) has reportedly issued hundreds of administrative subpoenas to major tech companies, including Google, Meta, Reddit, and Discord, demanding the personal details of anonymous social media users. The targeted accounts are those that post critical commentary about Immigration and Customs Enforcement (ICE) or share publicly available information about the agency's operations. This move to unmask online critics using subpoenas that do not require a judge's approval has sparked significant concern among civil liberties advocates and resistance from the tech companies, raising questions about protected speech and privacy.

February 21, 2026
4 min read
DHSICEPrivacyFirst AmendmentSurveillance +3 more
DHS Pressures Google, Meta, Reddit to Unmask Anonymous Critics of ICE
Policy and Compliance
Regulatory

Updated Articles (4)

Fintech Firm Figure Technologies Breached by ShinyHunters; 1 Million Customer Records Leaked

HIGH

Figure Technologies Confirms Data Breach After Employee Targeted in Phishing Attack, ShinyHunters Leaks 2.5GB of Customer Data

Update:

New reports confirm the public data leak by ShinyHunters occurred on February 21, 2026, affecting approximately 967,000 customers of Figure Technology Solutions. While previous reports detailed a social engineering attack as the initial access vector, recent information indicates the specific method of initial compromise has not been officially disclosed, leading to conflicting accounts regarding the breach's origin.

February 15, 2026
Updated: February 21, 2026
5 min read
ShinyHuntersData BreachPhishingSocial EngineeringFintech +2 more
Fintech Firm Figure Technologies Breached by ShinyHunters; 1 Million Customer Records Leaked
Data Breach
Threat Actor
Phishing

Convergence of Identity and Data Security Creates New Attack Vectors, Netwrix Warns

INFORMATIONAL

Netwrix Report: Attackers to Exploit Identity and Data Security Convergence

Update:

Following Netwrix's warning about emerging threats from identity and data security convergence and the rise of agentic AI, several vendors have launched new products. Redpanda and Virtana introduced solutions for AI agent governance and observability, enabling secure interaction with enterprise data. Impart Security released a programmable bot protection product to counter sophisticated AI-powered bot threats. These developments indicate the industry is actively building defenses against the predicted attack vectors, offering tools for secure AI adoption and enhanced bot management.

January 29, 2026
Updated: February 21, 2026
5 min read
identity securitydata securityIAMAIautomation +1 more
Convergence of Identity and Data Security Creates New Attack Vectors, Netwrix Warns
Threat Intelligence
Policy and Compliance
Cloud Security

AI's Role in Malware Evolves from Assistant to Embedded Threat Component

INFORMATIONAL

AI in Malware Evolves from Development Assistant to Embedded Evasion Component

Update:

The UAE Cyber Security Council successfully disrupted a series of sophisticated, AI-powered cyberattacks targeting critical infrastructure. These attacks, described as having a 'terrorist nature,' involved ransomware, network infiltration, and large-scale phishing campaigns. Officials highlighted the attackers' use of AI to develop offensive tools, marking a 'qualitative shift' in threats. This incident provides a concrete, real-world example of the AI-integrated malware and advanced evasion techniques previously theorized, demonstrating the practical application of AI in cyber warfare and validating the evolving threat landscape.

February 18, 2026
Updated: February 21, 2026
4 min read
AIMalwareThreat IntelligencePolymorphic MalwareDefense Evasion
AI's Role in Malware Evolves from Assistant to Embedded Threat Component
Malware
Threat Intelligence

Semiconductor Giant Advantest Hit by Ransomware, Investigates Impact on Supply Chain

HIGH

Advantest Corporation, a Key Semiconductor Equipment Maker, Investigates Ransomware Attack

Update:

Advantest Corporation has provided a more detailed timeline for its ransomware incident, stating the attack was initially detected on February 15, 2026. The company issued a public statement confirming the breach on February 19, 2026. Advantest has engaged external cybersecurity forensics firms to assist with the ongoing investigation. The primary focus remains on determining the full scope of the intrusion, including whether any sensitive data, such as intellectual property or customer and employee information, was exfiltrated by the attackers. The incident continues to highlight significant supply chain risks.

February 20, 2026
Updated: February 21, 2026
4 min read
advantestransomwaresemiconductorsupply chainmanufacturing
Semiconductor Giant Advantest Hit by Ransomware, Investigates Impact on Supply Chain
Ransomware
Supply Chain Attack
Industrial Control Systems

📢 Share This Publication

Help others stay informed about cybersecurity threats