The Breach News

No Loyalty Among Ransomware Criminals

Artificial Intelligence & Machine Learning, Fraud Management & Cybercrime, Identity & Access Management Also: AI and Machine Identity Risks; Europe’s Push for Digital Sovereignty Anna Delaney (annamadeline) • February 20, 2026 Clockwise, from top left: Anna Delaney, Tony Morbin, Tom Field, and Mathew Schwartz This week, a panel of four…

Read MoreNo Loyalty Among Ransomware Criminals

Microsoft Upgrades SPNEGO Extended Negotiation Security Vulnerability to ‘Critical’ Status

Microsoft has recently escalated the severity rating of a previously patched security vulnerability from September 2022, now classifying it as “Critical.” This update follows findings that the vulnerability poses risks of remote code execution, significantly heightening its threat level. Identified as CVE-2022-37958 with a CVSS score of 8.1, the issue…

Read MoreMicrosoft Upgrades SPNEGO Extended Negotiation Security Vulnerability to ‘Critical’ Status

Heightened Caution Recommended Following Online Leak of Anti-Islamist Group Members’ Information

An anti-Islamist organization, the English Defence League (EDL), has issued a warning to its members following a significant data breach that exposed sensitive information online. This incident saw the release of hundreds of names and addresses belonging to the group’s supporters after hackers successfully infiltrated a site associated with the…

Read MoreHeightened Caution Recommended Following Online Leak of Anti-Islamist Group Members’ Information

Identifying North Korean Job Applicants: A Guide

Fraud Management & Cybercrime, Governance & Risk Management, Remote Workforce Encouraging Thorough Verification of Candidates’ Identities Greg Sirico • February 20, 2026 An AI-manipulated image showcasing the deceptive capabilities used by certain North Korean workers. (Image: KnowBe4) Remote IT workers from North Korea present an intricate challenge for employers. Known…

Read MoreIdentifying North Korean Job Applicants: A Guide

PayPal Data Breach: Customer Info Compromised, Passwords Reset, and Unauthorized Transactions Reported

Data Breach Exposes Sensitive Information of Limited PayPal Customers In February 2026, PayPal publicly acknowledged a data breach that compromised sensitive personal information of a small group of its customers. The breach is associated with individuals who had applied for PayPal Working Capital (PPWC) loans. Although the company asserts that…

Read MorePayPal Data Breach: Customer Info Compromised, Passwords Reset, and Unauthorized Transactions Reported

Samba Releases Security Updates to Address Several High-Severity Vulnerabilities

The open-source software suite Samba has issued critical updates to address several high-severity vulnerabilities that pose significant risks to system security. If exploited, these flaws could allow unauthorized users to gain control over the affected systems. The vulnerabilities, identified as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141, have been patched in the…

Read MoreSamba Releases Security Updates to Address Several High-Severity Vulnerabilities