CISA Warns of Active Ransomware Attacks Exploiting Critical BeyondTrust and Dell Zero-Day Flaws

Publication Date: February 21, 2026

Summary

This 24-hour period is marked by high-severity alerts from CISA regarding the active exploitation of critical vulnerabilities in BeyondTrust and Dell products for ransomware and espionage campaigns. Major ransomware attacks have crippled Mississippi's largest hospital system (UMMC) and hit Japanese semiconductor giant Advantest. Significant data breaches were also disclosed, including a leak of 1.2 million French bank accounts, a six-month-long exposure at PayPal, and a major theft of PII from educational provider Kaplan. These incidents highlight escalating threats against critical infrastructure, supply chains, and sensitive government databases.

Today New Articles

PayPal Discloses Data Breach After Software Bug Exposes User PII for Six Months

PayPal has disclosed a data breach resulting from a software bug in its PayPal Working Capital (PPWC) loan application. The flaw, which went undetected for nearly six months from July to December 2025, exposed the sensitive personal information of approximatel...

Kaplan Data Breach Exposed SSNs and Driver's Licenses of Over 200,000 Individuals

Educational services provider Kaplan North America has concluded its investigation into a 2025 cyberattack, confirming that files containing highly sensitive personal information were stolen. The breach, which occurred between October and November 2025, result...

DHS Pressures Google, Meta, Reddit to Unmask Anonymous Critics of ICE

The Department of Homeland Security (DHS) has reportedly issued hundreds of administrative subpoenas to major tech companies, including Google, Meta, Reddit, and Discord, demanding the personal details of anonymous social media users. The targeted accounts are...

Article Updates

Convergence of Identity and Data Security Creates New Attack Vectors, Netwrix Warns

Update:Following Netwrix's warning about emerging threats from identity and data security convergence and the rise of agentic AI, several vendors have launched new products. Redpanda and Virtana introduced solutions for AI agent governance and observability, enabling...

Fintech Firm Figure Technologies Breached by ShinyHunters; 1 Million Customer Records Leaked

Update:New reports confirm the public data leak by ShinyHunters occurred on February 21, 2026, affecting approximately 967,000 customers of Figure Technology Solutions. While previous reports detailed a social engineering attack as the initial access vector, recent i...

AI's Role in Malware Evolves from Assistant to Embedded Threat Component

Update:The UAE Cyber Security Council successfully disrupted a series of sophisticated, AI-powered cyberattacks targeting critical infrastructure. These attacks, described as having a 'terrorist nature,' involved ransomware, network infiltration, and large-scale phis...

Semiconductor Giant Advantest Hit by Ransomware, Investigates Impact on Supply Chain

Update:Advantest Corporation has provided a more detailed timeline for its ransomware incident, stating the attack was initially detected on February 15, 2026. The company issued a public statement confirming the breach on February 19, 2026. Advantest has engaged ext...