LexisNexis Breached by 'FulcrumSec,' Global Coalition Dismantles Tycoon 2FA Phishing Empire, and Critical Cisco RCE Patched

Publication Date: March 5, 2026

Summary

This cybersecurity brief for March 5, 2026, covers a series of high-impact events. Data analytics giant LexisNexis confirmed a major cloud breach by the threat actor 'FulcrumSec,' exposing sensitive legal and government user data. In a significant win for law enforcement, an international coalition led by Europol and Microsoft dismantled the 'Tycoon 2FA' Phishing-as-a-Service platform. Meanwhile, critical vulnerabilities demand immediate attention: Cisco patched a CVSS 10.0 RCE flaw in its firewall management software that was exploited as a zero-day, and CISA added a separate, actively exploited VMware Aria Operations bug to its KEV catalog. The day also saw massive data breach disclosures from CarGurus (12.4M users) and European retailer ManoMano (38M users).

Today New Articles

CISA KEV Alert: Actively Exploited VMware Aria Flaw (CVE-2026-22719) Allows Remote Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity command injection vulnerability in VMware Aria Operations, CVE-2026-22719, to its Known Exploited Vulnerabilities (KEV) catalog. This action confirms the flaw is being a...

CrowdStrike & Schwarz Digits to Offer Sovereign AI-Native Security on STACKIT Cloud

CrowdStrike has announced a strategic partnership with Schwarz Digits, the IT division of the group owning retail giants Lidl and Kaufland. The collaboration will deliver CrowdStrike's AI-native Falcon cybersecurity platform on STACKIT, the sovereign cloud dev...

Hennessy Advisors Discloses Year-Old Data Breach, Notifying 12,000 Individuals

California-based investment firm Hennessy Advisors, Inc. has begun notifying over 12,000 individuals of a data breach that occurred nearly a full year ago, on March 30, 2025. The notification, filed in early 2026, reveals that an external system breach led to...

Latin America Now Top Global Target, Facing Double the Cyberattacks of US, Report Finds

A new threat report from Check Point Research reveals a dramatic shift in the global cyber threat landscape, with Latin America emerging as the world's most heavily targeted region. Organizations in Latin America now face an average of 3,100 cyber threats per...

Article Updates

Middle East Cyber Conflict Escalates Following Military Strikes on Iran

Update:The UK's National Cyber Security Centre (NCSC) has issued an advisory to British organizations, including Critical National Infrastructure (CNI) and those with Middle East operations or supply chains. The warning highlights a heightened risk of indirect cyber...

Cloudflare Report: Attackers Ditch Malware for Stolen Credentials, Shifting from 'Breaking In' to 'Logging In'

Update:Palo Alto Networks' Unit 42 2026 Incident Response Report reinforces the shift to identity-based attacks and the role of AI. It found attackers can exfiltrate data in as little as 72 minutes from initial compromise, a significant reduction in response time. Th...