Password Managers Don’t Protect Secrets if Pwned

Research exposes vulnerabilities in popular password managers (Bitwarden, LastPass, Dashlane) claiming zero-knowledge encryption, enabling potential password exposure if servers are compromised. Bitwarden was most affected, with 12 attack methods detailed; LastPass and Dashlane followed with 7 and 6 respectively. The study urges enhanced security practices and clear communications from providers regarding risks and protections. Vendors acknowledged flaws and are addressing them, but similar vulnerabilities may apply to others in the industry.

https://www.theregister.com/2026/02/16/password_managers/

Eurail Says Stolen Traveler Data Now up for Sale on Dark Web

Eurail's stolen customer data is for sale on the dark web after a breach revealed sensitive records, including names and bank details. The company is investigating the extent of the breach and has notified data protection authorities. Affected customers should be alert for phishing attempts and update their passwords.

https://www.bleepingcomputer.com/news/security/eurail-says-stolen-traveler-data-now-up-for-sale-on-dark-web/

Are Hackers Trying to Utilize Gemini AI’s Capabilities for Malicious Purposes?

Hackers are attempting to exploit Gemini AI for cyberattacks, as highlighted in a Google Threat Intelligence report. While direct cloning hasn’t succeeded, state-sponsored groups are using AI tools for sophisticated hacks. The private sector is also interested in Gemini’s proprietary technology for development, raising concerns about intellectual property theft. Despite growing reliance on AI, Americans remain distrustful, fearing privacy violations and data exploitation.

https://www.pandasecurity.com/en/mediacenter/are-hackers-trying-to-utilize-gemini-ais-capabilities-for-malicious-purposes/

Infostealer Malware Found Stealing OpenClaw Secrets for First Time

Infostealer malware has been detected stealing sensitive data from OpenClaw, an AI assistant framework, marking a new trend in targeting personal AI configurations. The stolen files include API keys and login information, with a potential full compromise of victims' digital identities. Hudson Rock identified the malware as having similarities to the Vidar infostealer. As OpenClaw gains traction, its configuration files, containing sensitive authentication secrets, are increasingly being targeted by cybercriminals.

https://www.bleepingcomputer.com/news/security/infostealer-malware-found-stealing-openclaw-secrets-for-first-time/

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft revealed a new ClickFix attack utilizing nslookup for malware staging. Attackers trick users into running DNS lookups to retrieve malicious payloads, circumventing security measures by having victims infect their own machines. This technique has evolved into various forms and leverages DNS traffic as a stealthy method of signaling to malicious infrastructure. The attack can lead to further malware deployment, including remote access trojans and information stealers, particularly targeting both Windows and macOS users amidst rising incidents of cryptocurrency theft.

https://thehackernews.com/2026/02/microsoft-discloses-dns-based-clickfix.html

How Global Cybercrime Syndicates Are Stealing Hearts — and Billions

Global cybercrime syndicates are exploiting romance scams, using AI to create convincing online identities to deceive victims, particularly during Valentine's season. In 2024, Americans lost over $16 billion to cybercrime, with one in seven adults affected by romance schemes. These scams, targeting older demographics, leverage trust and urgency to manipulate victims, often moving conversations off safer platforms. Law enforcement faces challenges due to the international nature of these operations, but agencies like the FBI are forming global partnerships to combat them. Vigilance is necessary for online daters, as pressure tactics are common indicators of scams.

https://www.politico.com/news/2026/02/14/how-global-cybercrime-syndicates-are-stealing-hearts-and-billions-00780481

Naming and Shaming: How Ransomware Groups Tighten the Screws on Victims

Ransomware tactics have evolved from simple file encryption to combining data theft with threats of public exposure via dedicated leak sites (DLSs). These sites, emerging in 2019, amplify pressure on victims by publicly showcasing stolen data and demanding payment. This approach increases risks including reputational damage, regulatory fines, and follow-on cybercrimes. Victims face urgency and fear as they navigate decisions under pressure, often leading to repeated attacks even after ransom payment. Effective defenses require advanced security measures, access controls, regular software updates, resilient backups, and employee training to mitigate risks associated with ransomware threats.

https://www.welivesecurity.com/en/ransomware/naming-shaming-ransomware-groups-tighten-screws-victims/

2026 State of Enterprise Infostealer Identity Exposure

In 2025, enterprise identity exposure intensified, with enterprise identity logs increasing from 8% to 11% of all logs. Microsoft Entra ID credentials appeared in 79% of these logs, making them the most compromised. Over 18% of identity logs contained credentials for multiple providers, expanding the potential impact of a single breach.

https://flare.io/learn/resources/2026-enterprise-infostealer-identity-exposure/

As Ransomware Recedes, a New More Dangerous Digital Parasite Rises

Ransomware declines as “sleeperware” ascends: Picus Labs' report shows a shift from ransomware to stealthy malware that remains dormant until opportune moments, focusing on data theft rather than system disruption. This change reflects a significant drop in ransomware incidents, prompting new cybersecurity strategies.

https://www.zdnet.com/article/sleeperware-malware-sneaks-waits-ransomware-decline/

Major ‘vibe-coding’ Platform Orchids Is Easily Hacked, Researcher Finds

A security flaw in the Orchids AI platform led to a BBC reporter's laptop being hacked without any user action. A cybersecurity researcher exploited vulnerabilities, demonstrating risks associated with “vibe-coding” tools that allow non-technical users to create applications. This zero-click attack could compromise sensitive data and device security, raising concerns about the convenience of AI tools. Experts warn of a new class of vulnerabilities in AI systems.

https://www.bbc.com/news/articles/cy4wnw04e8wo

Milan-Cortina 2026: How Winter Olympics Embraced AI to Fend Off Cyber Attacks

The Milan-Cortina 2026 Winter Olympics are implementing AI and cybersecurity measures to combat threats amid geopolitical tensions. Organized by Italian authorities and supported by technology partners, the initiatives focus on mitigating cyber attacks, including DDoS attempts. Key infrastructure will handle extensive data operations, ensuring performance and security throughout the Games.

https://www.sportspro.com/analysis/technology/milan-cortina-2026-winter-olympics-cybersecurity-ai-tech-february-2026/

Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

Malicious Chrome extensions, including CL Suite, are stealing sensitive data from Meta Business Suite users. These extensions exfiltrate TOTP codes, Business Manager analytics, and contact lists to attackers' servers. Other threats include over 500,000 VKontakte account hijackings and 32 AI-themed extensions that siphon user credentials. These attacks emphasize the growing misuse of browser extensions for data theft, prompting recommendations for cautious installation practices and regular audits.

https://thehackernews.com/2026/02/malicious-chrome-extensions-caught.html

The Cyberattack That Exposed The Fragility Of Digital Heritage

A ransomware attack hit the British Library on October 28, 2023, compromising servers, encrypting systems, and exfiltrating about 600 GB of data. The attack exploited vulnerabilities, including the lack of multi-factor authentication on an entry point. This incident highlighted systemic issues in cultural institutions: outdated infrastructure, insufficient funding for tech upgrades, and complex network security challenges. In response, the Library initiated a significant overhaul, implementing better network segmentation, robust backup strategies, mandatory cybersecurity training, and elevating cybersecurity to a strategic priority. The incident underscores the risks faced by cultural heritage institutions in a digital age and the need for proactive cyber defense to protect knowledge access.

https://informationsecuritybuzz.com/the-cyberattack-that-exposed-the-fragility-of-digital-heritage/
