Welcome to DBD. Cybercrime made global headlines in 2025. Attacks on well-known brands and organisations raised public awareness of the severity, frequency and impact of cyber attacks. Ransomware attacks were the highest ever recorded, and 2026 could be worse, as cyber criminals continue to extort their victims, with little chance of being brought to justice. It's a dangerous world out there, so please be extra vigilant and mindful of the risks and threats. Wishing you all the best for the New Year. Thanks again for all your support. Stay safe. :)
Dentons Senior Analyst, Washington D.C.
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 16th February and 22nd February 2026.16th February
AI Agent Targets OSS Maintainers with Autonomous Pull Requests, Bypassing Human Detection
AI and RaaS Alter Threat Landscape, New Ransomware Groups Grow by 30%
AI-fuelled supply chain cyber attacks surge in Asia-Pacific
AI-Powered Phishing Attacks Surge in 2025
Apple privacy labels often don’t match what Chinese smart home apps do
Blockchain fintech giant Figure hit by data breach, says 'limited number of files' impacted
Brazilian Crowdfunding Platform APOIA.se Data Breach Exposes Over 450,000 Users
Canada Goose confirms data leak - around 600,000 customers thought to be affected
Cempa Community Care Data Breach Exposes Social Security Numbers
ChatGPT gets new security feature to fight prompt injection attacks
Chrome browsers under attack as Google releases emergency patch for zero-day exploit
CISA Alerts on Critical ZLAN ICS Flaws Enabling Full Device Takeover
CISA gives federal agencies 3 days to patch actively exploited BeyondTrust flaw
City of Marietta hit by nationwide ransomware attack
Critical Thinking Erosion: A Hidden Threat to Security Career Resilience
Cyble Threat Report Flags Supply Chain Ransomware Risk
Data breach at Odido: responsibility and compensation under discussion
Data Breach Settlements Agreed by Centrelake Medical Group & Des Moines Orthopaedic Surgeons
Disney agrees to record $2.75 million CCPA fine over opt-out violations in California
Dutch operator suffers a 6 million account data breach
Everest ransomware gang claims Atlas Air breach, warns Boeing data at risk
Exploited React2Shell Flaw By LLM-generated Malware Foreshadows Shift in Threat Landscape
Figure Technologies Data Breach: Blockchain Fintech Giant Exposed by Phishing Attack
Flagship Bank Data Breach Exposes Social Security Numbers
Google Ads and Claude AI Abused to Spread MacSync Malware via ClickFix
Google Chrome Fixes Actively Exploited CVE-2026-2441 Bug
Google identifies Gemini use in cyberattacks, phishing, malware development
Google patches Chrome vulnerability with in-the-wild exploit (CVE-2026-2441)
Google patches first Chrome zero-day exploited in attacks this year
Google Warns of In the Wild Exploit as It Patches New Chrome Zero Day
Government Data Breach Sparks Fears Millions May Need New Social Security Numbers
Hacker Seized Laptop Through AI App With Zero Clicks
High-Severity Chrome 0-Day Vulnerability Enables Remote Code Execution
How Nigeria’s 24-Hour Data Breach Notification Rule Protects Mobile Users
INC Ransomware Data Breach Hits Nang Kuang Pharmaceutical
India Faces Cyber Attack Surge: Over 3,100 Weekly Cyberattacks as AI-Driven Automation Transforms Digital Threat Landscape
Infostealer Evolves to Target AI Agents, OpenClaw Configurations
Infostealer malware found stealing OpenClaw secrets for first time
Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens
Japanese sex toys maker Tenga discloses data breach
Ledger and Trezor Users Security Alert: Seed Phrase Phishing Attempts Sent by Mail
LockBit 5.0 Emerges: Cross-Platform Ransomware Now Targeting Windows, Linux, and ESXi Systems
LockBit 5.0 ransomware expands its reach across Windows, Linux, and ESXi
LockBit’s New 5.0 Version Attacking Windows, Linux and ESXI Systems
Mobi UZ Data Breach: Complete Corporate Network Compromise
New Chrome Zero-Day (CVE-2026-2441) Under Active Attack - Patch Released
New phishing campaign weaponises fake video conference invites
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft
Nigeria Data Protection Commission (NDPC) investigates Temu for alleged data breach
Nigeria Data Protection Commission (NDPC) probes e-commerce platform Temu over data breach
Noodlophile Malware Authors Use Fake Job Ads and Phishing Schemes to Evolve Tactics
North Korean hackers target users of top Ethereum wallet MetaMask
Odido Breach Impacts Millions of Dutch Telco Users
Odido hackers pretended to be an IT employee to breach corporate system
Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft
Ordre des experts-comptables de Bretagne Hit by 859GB Data Breach
Over 500,000 VKontakte (VK) accounts hijacked through malicious Chrome extensions
OysterLoader Evolves With New C2 Infrastructure and Obfuscation
Phishing Attacks Leverage Zoom, Teams, Google Meet Invites
Phishing Binance: the fake ‘Additional Verification Required’ email targeting users’ credentials
Phishing Lures Spread XWorm Remote Access Trojan
Ransomware Attacks on schools diminished in the year 2025
Ransomware Attacks Surge 30% Globally, US Remains Primary Target
Ransomware gangs are using employee monitoring software as a springboard for cyber attacks
Ransomware Surges 30% Above 2025 Average; Supply Chain & ICS Threats Rise
Researchers Uncover OysterLoader, an Advanced Obfuscated Loader Powering Rhysida Attacks
Rhysida Ransomware Delivered via Fake PuTTY and Google Authenticator
Rising Phishing Campaigns Linked To Dreamflow.app
SMEs Wrong to Assume They Won’t Be Hit by Cyber-Attacks, National Cyber Security Centre (NCSC) Boss Warns
Staying Safe From Crypto Phishing Attacks in 2026
Steel Encounters Data Breach Exposes Social Security Numbers
Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers
The Olympics Are Going Mobile - Your Security Strategy Has to Follow
Tulsa Airport Data Breach: What the Tulsa Airports Improvement Trust (TAIT) Security Incident Means for Travelers and Aviation Privacy
US: Nationwide ransomware attack disrupts online business license payments in Marietta
Vulnerabilities in Password Managers Allow Hackers to View and Change Passwords
youX Data Breach: Australian FinTech Platform Compromised
