Sami Laiho
@samilaiho.com
Naming and shaming: How ransomware groups tighten the screws on victims
www.welivesecurity.com/en/ransomwar...
www.welivesecurity.com/en/ransomwar...
Naming and shaming: How ransomware groups tighten the screws on victims
When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle.
www.welivesecurity.com
February 14, 2026 at 12:45 PM
Naming and shaming: How ransomware groups tighten the screws on victims
www.welivesecurity.com/en/ransomwar...
www.welivesecurity.com/en/ransomwar...
Urgent Warnings From UK and US Cyber Agencies After Polish Energy Grid Attack
www.fortra.com/blog/urgent-...
www.fortra.com/blog/urgent-...
Urgent Warnings From UK and US Cyber Agencies After Polish Energy Grid Attack
Attacks against the Polish energy infrastructure has caused cyber agencies to issue urgent warnings to critical national infrastructure operators,
www.fortra.com
February 14, 2026 at 12:44 PM
Urgent Warnings From UK and US Cyber Agencies After Polish Energy Grid Attack
www.fortra.com/blog/urgent-...
www.fortra.com/blog/urgent-...
Dutch telco Odido suffers data breach exposing data of 6.2 million customers
cyberinsider.com/dutch-telco-...
cyberinsider.com/dutch-telco-...
Dutch telco Odido suffers data breach exposing data of 6.2 million customers
Telecom provider Odido has disclosed a data breach affecting 6.2 million clients, after hackers gained access to its customer contact system.
cyberinsider.com
February 14, 2026 at 12:44 PM
Dutch telco Odido suffers data breach exposing data of 6.2 million customers
cyberinsider.com/dutch-telco-...
cyberinsider.com/dutch-telco-...
Critical BeyondTrust RCE flaw now exploited in attacks, patch now
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
Critical BeyondTrust RCE flaw now exploited in attacks, patch now
A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access appliances is now being exploited in attacks after a PoC was published onli...
www.bleepingcomputer.com
February 14, 2026 at 12:43 PM
Critical BeyondTrust RCE flaw now exploited in attacks, patch now
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
Milvus Allows Unauthenticated Access to Restful API on Metrics Port (9091)
Leads to Critical System Compromise
URL: nvd.nist.gov/vuln/detail/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Proof-of-Concept, CVSSv3.1: 9.8
Leads to Critical System Compromise
URL: nvd.nist.gov/vuln/detail/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Proof-of-Concept, CVSSv3.1: 9.8
NVD - CVE-2026-26190
nvd.nist.gov
February 14, 2026 at 6:55 AM
Milvus Allows Unauthenticated Access to Restful API on Metrics Port (9091)
Leads to Critical System Compromise
URL: nvd.nist.gov/vuln/detail/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Proof-of-Concept, CVSSv3.1: 9.8
Leads to Critical System Compromise
URL: nvd.nist.gov/vuln/detail/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Proof-of-Concept, CVSSv3.1: 9.8
Apple patches decade-old iOS zero-day, possibly exploited by commercial
spyware
www.theregister.com/2026/02/12/a...
spyware
www.theregister.com/2026/02/12/a...
Apple patches decade-old iOS zero-day exploited in the wild
: Flaw abused 'in an extremely sophisticated attack against specific targeted individuals'
www.theregister.com
February 13, 2026 at 12:44 PM
Apple patches decade-old iOS zero-day, possibly exploited by commercial
spyware
www.theregister.com/2026/02/12/a...
spyware
www.theregister.com/2026/02/12/a...
A New Data Theft Gang for the Health Sector to Lose Sleep Over
www.databreachtoday.com/new-data-the...
www.databreachtoday.com/new-data-the...
A New Data Theft Gang for the Health Sector to Lose Sleep Over
A new cybercriminal gang, Insomnia, appears to have its eyes wide open for potential healthcare-related targets. Since surfacing on the darkweb in recent weeks, the
www.databreachtoday.com
February 13, 2026 at 12:43 PM
A New Data Theft Gang for the Health Sector to Lose Sleep Over
www.databreachtoday.com/new-data-the...
www.databreachtoday.com/new-data-the...
High-Tech Crime Trends Report 2026: The age of supply chain attacks
www.group-ib.com/landing/high...
www.group-ib.com/landing/high...
www.group-ib.com
February 13, 2026 at 12:42 PM
High-Tech Crime Trends Report 2026: The age of supply chain attacks
www.group-ib.com/landing/high...
www.group-ib.com/landing/high...
Bypassing Administrator Protection by Abusing UI Access
projectzero.google/2026/02/wind...
projectzero.google/2026/02/wind...
Bypassing Administrator Protection by Abusing UI Access - Project Zero
In my last blog post I introduced the new Windows feature, Administrator Protection and how it aimed to create a secure boundary for UAC where one didn’t exi...
projectzero.google
February 13, 2026 at 12:42 PM
Bypassing Administrator Protection by Abusing UI Access
projectzero.google/2026/02/wind...
projectzero.google/2026/02/wind...
Fake AI Chrome extensions with 300K users steal credentials, emails
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
Fake AI Chrome extensions with 300K users steal credentials, emails
A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants to steal credentials, email content, and browsing information.
www.bleepingcomputer.com
February 13, 2026 at 12:41 PM
Fake AI Chrome extensions with 300K users steal credentials, emails
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
Dutch mobile phone giant Odido announces data breach
therecord.media/dutch-teleco...
therecord.media/dutch-teleco...
Dutch mobile phone giant Odido announces data breach
In a statement about the incident, Odido CEO Søren Abildgaard said names, bank account numbers, addresses, mobile numbers, email addresses, account numbers and IDs were stolen.
therecord.media
February 13, 2026 at 12:41 PM
Dutch mobile phone giant Odido announces data breach
therecord.media/dutch-teleco...
therecord.media/dutch-teleco...
Refreshing the root of trust: industry collaboration on Secure Boot
certificate updates
blogs.windows.com/windowsexper...
certificate updates
blogs.windows.com/windowsexper...
Refreshing the root of trust: industry collaboration on Secure Boot certificate updates
Secure Boot is a foundational security feature of the Windows and Windows Server experience, providing protection from the moment a device powers on. Introduced in 2011, Secure Boot runs at startup – ...
blogs.windows.com
February 13, 2026 at 12:40 PM
Refreshing the root of trust: industry collaboration on Secure Boot
certificate updates
blogs.windows.com/windowsexper...
certificate updates
blogs.windows.com/windowsexper...
Germany prepares to attack cyber enemies
www.politico.eu/article/germ...
www.politico.eu/article/germ...
Germany prepares to attack cyber enemies
Berlin, long cautious about going on offense in cyberspace, is now willing to strike.
www.politico.eu
February 13, 2026 at 12:40 PM
Germany prepares to attack cyber enemies
www.politico.eu/article/germ...
www.politico.eu/article/germ...
As ransomware recedes, a new more dangerous digital parasite rises
www.zdnet.com/article/slee...
www.zdnet.com/article/slee...
As ransomware recedes, a new more dangerous digital parasite rises
Meet sleeperware: Here's how attackers are now playing dead on your network until the moment you stop watching.
www.zdnet.com
February 13, 2026 at 12:38 PM
As ransomware recedes, a new more dangerous digital parasite rises
www.zdnet.com/article/slee...
www.zdnet.com/article/slee...
February 13, 2026 at 10:42 AM
Case Ivanti päivitys!
Päivitys 13.2.2026: Saksan kyberturvallisuusviranomaisen BSI:n julkaisemassa kattavassa raportissa kerrotaan haavoittuvuuden hyväksikäytöstä jo kesältä 2025. Tuotteiden omistajien kannattaa siis tutkia EPMM laitteelta historiaa.
www.bsi.bund.de/SharedDocs/C...
Päivitys 13.2.2026: Saksan kyberturvallisuusviranomaisen BSI:n julkaisemassa kattavassa raportissa kerrotaan haavoittuvuuden hyväksikäytöstä jo kesältä 2025. Tuotteiden omistajien kannattaa siis tutkia EPMM laitteelta historiaa.
www.bsi.bund.de/SharedDocs/C...
www.bsi.bund.de
February 13, 2026 at 8:19 AM
Case Ivanti päivitys!
Päivitys 13.2.2026: Saksan kyberturvallisuusviranomaisen BSI:n julkaisemassa kattavassa raportissa kerrotaan haavoittuvuuden hyväksikäytöstä jo kesältä 2025. Tuotteiden omistajien kannattaa siis tutkia EPMM laitteelta historiaa.
www.bsi.bund.de/SharedDocs/C...
Päivitys 13.2.2026: Saksan kyberturvallisuusviranomaisen BSI:n julkaisemassa kattavassa raportissa kerrotaan haavoittuvuuden hyväksikäytöstä jo kesältä 2025. Tuotteiden omistajien kannattaa siis tutkia EPMM laitteelta historiaa.
www.bsi.bund.de/SharedDocs/C...
PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 Released!
URL: www.postgresql.org/about/news/p...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 8.8
URL: www.postgresql.org/about/news/p...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 8.8
PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 Released!
The PostgreSQL Global Development Group has released an update to all supported versions of PostgreSQL, including 18.2, 17.8, 16.12, 15.16, …
www.postgresql.org
February 13, 2026 at 6:55 AM
PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 Released!
URL: www.postgresql.org/about/news/p...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 8.8
URL: www.postgresql.org/about/news/p...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 8.8
Siemens SINEC OS vulnerabilities
URL: cert-portal.siemens.com/productcert/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
URL: cert-portal.siemens.com/productcert/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
SSA-355557
cert-portal.siemens.com
February 13, 2026 at 6:54 AM
Siemens SINEC OS vulnerabilities
URL: cert-portal.siemens.com/productcert/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
URL: cert-portal.siemens.com/productcert/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
Espionage Without Noise: Understanding APT36’s Enduring Campaigns
www.aryaka.com/blog/espiona...
www.aryaka.com/blog/espiona...
Espionage Without Noise: Inside APT36’s Enduring Campaigns Targeting Indian Government And Defence | Aryaka Blog
Discover how Transparent Tribe (APT36) and the SideCopy cluster quietly target Indian government and defence organizations using spear-phishing, living-off-the-land techniques, and cross-platform RATs...
www.aryaka.com
February 12, 2026 at 2:04 PM
Espionage Without Noise: Understanding APT36’s Enduring Campaigns
www.aryaka.com/blog/espiona...
www.aryaka.com/blog/espiona...
LummaStealer Is Getting a Second Life Alongside CastleLoader
www.bitdefender.com/en-us/blog/l...
www.bitdefender.com/en-us/blog/l...
LummaStealer Is Getting a Second Life Alongside CastleLoader
Bitdefender researchers have discovered a surge in LummaStealer activity, showing how one of the world's most prolific information-stealing malware operations managed to survive despite being alm...
www.bitdefender.com
February 12, 2026 at 2:03 PM
LummaStealer Is Getting a Second Life Alongside CastleLoader
www.bitdefender.com/en-us/blog/l...
www.bitdefender.com/en-us/blog/l...
Employee Monitoring and SimpleHelp Software Abused in Ransomware Operations
www.huntress.com/blog/employe...
www.huntress.com/blog/employe...
Employee Monitoring and SimpleHelp Software Abused in Ransomware Operations | Huntress
Huntress uncovers ransomware operations abusing employee monitoring software and SimpleHelp RMM for persistence, and ransomware deployment.
www.huntress.com
February 12, 2026 at 2:02 PM
Employee Monitoring and SimpleHelp Software Abused in Ransomware Operations
www.huntress.com/blog/employe...
www.huntress.com/blog/employe...
WSL in the Malware Ecosystem
isc.sans.edu/diary/rss/32...
isc.sans.edu/diary/rss/32...
WSL in the Malware Ecosystem - SANS Internet Storm Center
WSL in the Malware Ecosystem, Author: Xavier Mertens
isc.sans.edu
February 12, 2026 at 2:02 PM
WSL in the Malware Ecosystem
isc.sans.edu/diary/rss/32...
isc.sans.edu/diary/rss/32...
ZLAN Information Technology Co. ZLAN5143D
URL: www.cisa.gov/news-events/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
URL: www.cisa.gov/news-events/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
ZLAN Information Technology Co. ZLAN5143D | CISA
www.cisa.gov
February 12, 2026 at 7:40 AM
ZLAN Information Technology Co. ZLAN5143D
URL: www.cisa.gov/news-events/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
URL: www.cisa.gov/news-events/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
HPESBNW05002 rev.1 - Multiple Vulnerabilities in HPE Aruba Networking Private
5G Core
URL: support.hpe.com/hpesc/public...
5G Core
URL: support.hpe.com/hpesc/public...
support.hpe.com
February 12, 2026 at 7:39 AM
HPESBNW05002 rev.1 - Multiple Vulnerabilities in HPE Aruba Networking Private
5G Core
URL: support.hpe.com/hpesc/public...
5G Core
URL: support.hpe.com/hpesc/public...