Daily Digest

Critical Zero-Days in Cisco & Dell Actively Exploited; Major Breaches at ManoMano and Dutch Government

Critical Zero-Days in Cisco & Dell Actively Exploited; Major Breaches at ManoMano and Dutch Government

February 28, 2026
6 articles (5 new, 1 updated)
18 min read

Summary

This reporting period is marked by high-severity incidents, including the active exploitation of two critical, CVSS 10.0 zero-day vulnerabilities in Cisco SD-WAN and Dell RecoverPoint products, prompting emergency directives and urgent patching advisories. A massive supply chain data breach at European retailer ManoMano exposed the data of 38 million customers, while a sophisticated phishing campaign named 'Diesel Vortex' targeted the US and European logistics sectors. Further incidents include a prolonged breach at the Dutch prison agency, the abuse of AI tools like ChatGPT and Claude for malicious campaigns, and legal fallout from a 2025 ransomware attack linked to a flaw in SonicWall's cloud backup service.

Filter by Category

New Articles (5)

ManoMano Breach: 38 Million Customers Exposed After Third-Party Customer Service Provider Hacked

HIGH

European Retailer ManoMano Suffers Massive Data Breach Affecting 38 Million Customers Through Compromised Subcontractor

European DIY e-commerce giant ManoMano has disclosed a significant data breach impacting approximately 38 million customers across France, Germany, Italy, Spain, and the UK. The incident, which occurred in January 2026, was not a direct breach of ManoMano's systems but a supply chain attack targeting a third-party customer service provider. A threat actor known as 'Indra' has claimed responsibility, stating they exfiltrated 43GB of data, including full names, email addresses, phone numbers, and customer service message histories. ManoMano has confirmed that financial data and account passwords were not compromised. The company has since disabled the subcontractor's access, notified data protection authorities like France's CNIL, and is warning affected customers about potential phishing attacks.

February 28, 2026
6 min read
supply chain attackthird-party breache-commercePIIGDPR +1 more
ManoMano Breach: 38 Million Customers Exposed After Third-Party Customer Service Provider Hacked
Data Breach
Supply Chain Attack
Threat Actor

‘Diesel Vortex’ Phishing Ring Steals Over 1,600 Credentials from US & European Logistics Firms

HIGH

Sophisticated 'Diesel Vortex' Phishing Campaign Hits Freight and Logistics Industry with Advanced Evasion Techniques

A financially motivated threat group dubbed 'Diesel Vortex' has been identified targeting the freight and logistics industry in the United States and Europe since September 2025. The campaign utilized a Phishing-as-a-Service (PaaS) model, complete with call centers and typosquatted domains mimicking platforms like DAT Truckstop and Penske Logistics. The actors employed a 'Dual-Domain Deception' technique to bypass browser warnings and used vishing and Telegram to capture MFA codes. An exposed .git repository led investigators to the group's infrastructure, revealing the theft of 1,649 unique credentials and evidence of financial fraud, including double-brokering and EFS check fraud. The group is believed to be Armenian-speaking with ties to Russian infrastructure.

February 28, 2026
5 min read
phishing-as-a-servicevishingMFA bypasstyposquattingcredential theft +3 more
‘Diesel Vortex’ Phishing Ring Steals Over 1,600 Credentials from US & European Logistics Firms
Phishing
Threat Actor
Cyberattack

Dutch Prison Agency Data Exposed for Five Months in Wider Government Hack

HIGH

Hackers Maintained Access to Dutch Prison Agency (DJI) Systems for Five Months, Exposing Staff Data

An investigation has revealed that hackers had prolonged access, for at least five months, to the systems of the Dutch prison agency (Dienst Justitiële Inrichtingen - DJI). The breach exposed sensitive staff data, including email addresses, phone numbers, and security certificates, raising fears of blackmail. The attackers also gained access to phones, tablets, and laptops. The incident is part of a wider attack that also affected other Dutch government bodies, including the privacy watchdog and the judiciary council. The Dutch National Cyber Security Centre (NCSC) is monitoring the situation as the investigation continues.

February 28, 2026
5 min read
governmentAPTlong-term persistencedwell timeespionage +2 more
Dutch Prison Agency Data Exposed for Five Months in Wider Government Hack
Data Breach
Cyberattack
Threat Intelligence

Accounting Firm Legacy Professionals LLP Reports Data Breach Affecting Over 215,000 People

HIGH

Legacy Professionals LLP Notifies Maine AG of Data Breach Impacting More Than 215,000 Individuals

The accounting and consulting firm Legacy Professionals LLP has reported a data breach to the Attorney General of Maine, indicating that the personal information of over 215,000 people has been compromised. The firm discovered suspicious activity on its internal computer network where 'sensitive identifiable information' was stored. The notification suggests that personal data of Maine residents was involved, triggering the reporting requirement. The full scope of the breach, the specific data types exposed, and the attack vector have not yet been publicly disclosed. The firm is in the process of notifying the affected individuals.

February 28, 2026
4 min read
accountingprofessional servicesPIIsensitive dataidentity theft
Accounting Firm Legacy Professionals LLP Reports Data Breach Affecting Over 215,000 People
Data Breach

Hacker Reportedly Used 'Jailbroken' AI Chatbot Claude to Breach Mexican Government Agencies

HIGH

AI Chatbot 'Claude' Abused by Hacker to Steal 150GB of Data from Mexican Government

A hacker has reportedly used Anthropic's AI chatbot, Claude, to facilitate a series of cyberattacks against Mexican government agencies, resulting in the theft of approximately 150 GB of data. The compromised information is said to include 195 million taxpayer and voter records, government employee credentials, and civil registry files. The targeted agencies include Mexico's tax authority and national electoral institute. The attacker allegedly had to 'jailbreak' the AI model, bypassing its safeguards, to get it to assist in writing the scripts needed to breach the government networks. The incident highlights the growing threat of advanced AI tools being abused for malicious cyber operations.

February 28, 2026
5 min read
AIArtificial IntelligenceLLMchatbotjailbreak +3 more
Hacker Reportedly Used 'Jailbroken' AI Chatbot Claude to Breach Mexican Government Agencies
Data Breach
Cyberattack
Threat Intelligence

Updated Articles (1)

Microsoft and Dell Patch Actively Exploited Zero-Day Vulnerabilities

CRITICAL

Microsoft Patches Windows Admin Center Flaw as Dell Discloses Actively Exploited RecoverPoint Zero-Day

Update:

Further analysis of Microsoft's CVE-2026-26119 in Windows Admin Center reveals it's an Improper Authentication (CWE-287) flaw, discovered by Andrea Pierini. Exploitation requires an authenticated attacker on the same network. New guidance includes detailed detection methods such as monitoring Windows Event Logs for anomalous administrative activity, network traffic analysis for unusual connections, and EDR solutions for suspicious process chains from `ServerManagementGateway.exe`. Remediation emphasizes immediate update to version 2511+, network segmentation, and principle of least privilege, with specific MITRE ATT&CK mitigations provided.

February 27, 2026
Updated: February 28, 2026
3 min read
Zero-DayVulnerabilityDellMicrosoftUNC6201 +3 more
Microsoft and Dell Patch Actively Exploited Zero-Day Vulnerabilities
Vulnerability
Patch Management
Threat Actor

📢 Share This Publication

Help others stay informed about cybersecurity threats