Cyber Briefing: 2026.02.24
Lazarus uses Medusa ransomware, APT28 runs macro espionage, wormable crypto miner spreads, healthcare breaches mount, AI distillation exposed, schools lose funds.
👉 What's the latest in the cyber world today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. Lazarus Deploys Medusa In Health Hacks
The North Korean Lazarus Group has recently expanded its cyber operations by deploying Medusa ransomware against a target in the Middle East and attempting a breach of a U.S. healthcare provider. This evolution suggests that North Korean state-sponsored actors are increasingly functioning as affiliates for existing ransomware-as-a-service operations instead of relying solely on their own custom-built encryption tools.
2. APT28 Uses Webhook Macro Malware
The Russia-linked threat actor APT28 recently executed a cyber espionage campaign titled Operation MacroMaze targeting Western and Central European organizations. Between September 2025 and January 2026, the group utilized spear-phishing emails containing lure documents that leveraged remote image fetching and evolving macro scripts to exfiltrate data via legitimate webhook services.
3. Wormable XMRig Uses BYOVD Exploit
Researchers have identified a new cryptojacking operation that uses pirated software bundles to infect systems with a customized XMRig miner. This sophisticated malware uses modular components to maximize mining efficiency and can spread through external drives to reach even air-gapped systems.
💥 Cyber Incidents
4. Optimizely Confirms Vishing Breach
Optimizely, a New York ad tech firm, recently informed customers of a data breach resulting from a sophisticated voice phishing attack on its internal systems. While the company serves over 10,000 major brands, it reported that the unauthorized access was limited to basic business contact information and did not compromise sensitive customer data.
5. US Health Firm Reports 140K Breach
A healthcare data breach involving Vikor Scientific has exposed the personal and medical information of nearly 140,000 individuals. The incident originated from a third-party compromise at Catalyst RCM, a service provider that managed data for the diagnostic laboratory.
6. Air Côte d’Ivoire Confirms Cyberattack
Air Côte d’Ivoire recently confirmed a February 8 cyberattack that compromised its information systems and prompted the activation of emergency business continuity protocols. The INC ransomware gang claimed responsibility for the breach, alleging the theft of 208 GB of data and setting a payment deadline for late February.
📢 Cyber News
7. Chinese AI Firms Queried Claude To Copy
Anthropic recently announced the discovery of large-scale campaigns by Chinese AI firms DeepSeek, Moonshot AI, and MiniMax to illicitly extract capabilities from its Claude models. These distillation attacks involved over 16 million exchanges through thousands of fraudulent accounts to bypass regional restrictions and improve competing models at a fraction of the standard development cost.
8. $10K Bounty To Hack Ring Cameras
The Fulu Foundation is offering a ten thousand dollar reward to anyone who can successfully block Ring security cameras from transmitting private data to Amazon servers. This nonprofit initiative aims to reclaim user privacy and eliminate unwanted features without permanently damaging the device hardware.
9. Hackers Steal $461K From Cambridge
The Cambridge Central School District recently revealed that cyber criminals managed to steal approximately 461,000 dollars from its capital construction fund via an unauthorized transfer. Local officials are currently collaborating with the FBI and Secret Service to investigate the breach and prioritize the full recovery of the missing taxpayer money.
📈 Cyber Stocks
Cybersecurity stocks on Tuesday, 24 February 2026 remained under pressure from broader technology market rotation and investor reassessment of growth valuations.
Okta Inc closed at 70.24 dollars and moved lower, with identity and access management stocks tracking broader tech softness.
Zscaler Inc ended around 143.76 dollars and was down, reflecting rotation in cloud security valuations.
Fortinet Inc closed at 75.10 dollars and declined, with network security names underperforming amid tech weakness.
Check Point Software Technologies Ltd. finished near 155.30 dollars and was lower, with defensive firewall demand steady but impacted by sector flows.
SentinelOne Inc closed at 12.40 dollars and was down, as smaller AI-driven endpoint stocks saw selective selling.
💡 Cyber Tip
🧬 Lazarus Deploys Medusa in Healthcare Hacks
The North Korean Lazarus Group has been linked to attacks using Medusa ransomware against a Middle Eastern organization and an attempted breach of a U.S. healthcare provider. Instead of relying solely on custom malware, the group appears to be operating as an affiliate within a ransomware-as-a-service ecosystem, signaling a strategic shift toward faster and more scalable extortion campaigns.
🛠️ What You Should Do
Prioritize patching internet-facing systems and remote access services
Enforce strong MFA across VPN, email, and cloud platforms
Monitor for lateral movement and unusual privilege escalation
Maintain offline and immutable backups
Review incident response plans for ransomware readiness
⚠️ Why This Matters
When state-sponsored actors adopt commercial ransomware platforms, attacks become harder to attribute and more frequent. Healthcare and nonprofit sectors are especially vulnerable, and the blending of espionage and financial extortion raises the overall threat level for critical infrastructure.
📚 Cyber Book
Video Surveillance: Power and Privacy in Everyday Life by Bilge Yesil
Copyright © 2026 CyberMaterial. All Rights Reserved.