Cyber Briefing: 2026.02.25
Critical RCE flaws patched in Serv-U, FileZen, and Zyxel; AI aids FortiGate hacks; major breaches alleged; UK fines over age checks; zero-day seller jailed.
👉 What's the latest in the cyber world today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. SolarWinds Fixes 4 Critical Serv-U Flaws
SolarWinds has issued critical security patches for four vulnerabilities within its Serv-U file transfer software that could allow for remote code execution. These flaws affect version 15.5 and require immediate updates to version 15.5.4 to prevent potential unauthorized root access by attackers.
2. CISA Confirms Active Exploitation of FileZen Bug
CISA has officially added a critical OS command injection vulnerability in Soliton Systems FileZen to its list of actively exploited flaws. To mitigate the risk of arbitrary command execution, users are urged to update to version 5.0.11 and reset all account passwords immediately.
3. Zyxel Warns of Critical RCE Router Flaw
Zyxel has released critical security patches for more than twelve router models to fix a vulnerability that could let unauthorized users execute commands remotely. The flaw is in the UPnP functionality across various hardware lines, including 5G NR, 4G LTE, and fiber devices.
💥 Cyber Incidents
4. UAE Foils Major AI Cyber Attack
The UAE Cybersecurity Council successfully thwarted a series of sophisticated, AI-driven cyberattacks aimed at destabilizing national infrastructure and essential services. Despite the coordinated and “terrorist” nature of these attempts, the country’s layered defense systems and rapid-response teams neutralized the threats without any disruption to public data or daily operations.
5. 600+ FortiGate Devices Hacked by AI
An unskilled but financially motivated attacker recently used generative AI to breach over 600 FortiGate firewall instances by automating the exploitation of weak credentials and exposed ports. This incident highlights how AI tools are effectively lowering the technical barrier for entry, allowing unsophisticated actors to achieve the kind of operational scale previously reserved for advanced threat groups.
6. Hacking Group Claims 12.4M CarGurus Records
Recent reports indicate that the automotive marketplace CarGurus has allegedly fallen victim to a significant data breach involving millions of user records. A hacking group known for high-profile extortions has claimed responsibility for the incident and has reportedly begun publishing the stolen information online.
📢 Cyber News
7. UK Fines Porn Firm £1.35M for Age Checks
The UK communications regulator Ofcom has issued a fine of 1.35 million pounds to the adult content company 8579 LLC for failing to implement mandatory age verification measures required by the Online Safety Act. The company was also penalized an additional 50,000 pounds for its failure to provide necessary documentation during the regulatory investigation.
8. Predator Spyware Hides iOS Mic & Camera
Intellexa’s Predator spyware has the capability to bypass standard iOS privacy protections by suppressing the status bar dots that indicate when a device’s camera or microphone is active. Rather than exploiting a specific flaw in the notification system itself, the malware uses existing kernel-level permissions to intercept system signals and prevent the visual warnings from appearing.
9. Defense Employee Jailed for Selling Zero-Days
A former employee of the defense contractor L3Harris has been sentenced to more than seven years in prison for selling eight highly sensitive zero-day exploits to a Russian broker. Peter Williams admitted to stealing these trade secrets and receiving millions in cryptocurrency, which he used to fund a lifestyle of luxury before being caught by federal authorities.
📈 Cyber Stocks
Cybersecurity stocks on Wednesday, 25 February 2026, continued to reflect pressure from broad technology rotation and investor anxiety linked to AI-driven competitive tools, even as underlying enterprise demand for cloud, identity protection, and zero-trust solutions remains intact.
CrowdStrike finished near 350.25 dollars and declined, with investor sentiment challenged by AI disruption fears in endpoint and cloud security.
Okta closed at 71.14 dollars and was lower, as identity and access management stocks traded weakly in the tech sell-off.
Zscaler ended near 149.36 dollars and moved down, reflecting cloud security profit-taking amid rotation.
Fortinet closed around 75.23 dollars and declined, with network security names under pressure alongside broader tech equities.
Check Point Software Technologies finished near 152.44 dollars and was lower, with defensive cybersecurity valuations tracking sector trend lines.
💡 Cyber Tip
📡 Zyxel Warns of Critical RCE Router Flaw
Zyxel has released urgent firmware updates for over a dozen router models to fix a critical remote code execution flaw in the UPnP feature. The vulnerability allows unauthenticated attackers to send crafted requests and execute operating system commands on affected devices, potentially compromising entire home or enterprise networks.
🛠️ What You Should Do
Update router firmware to the latest Zyxel release immediately
Disable UPnP if it is not required
Ensure WAN remote management is turned off
Change default admin credentials and enable strong passwords
Check whether your router is exposed to the internet
⚠️ Why This Matters
Routers are network gatekeepers. If compromised, attackers can intercept traffic, pivot into internal systems, or recruit devices into botnets. Prompt firmware updates and secure configurations are essential to prevent takeover.
📚 Cyber Book
Your Face Belongs to Us by Kashmir Hill
Copyright © 2026 CyberMaterial. All Rights Reserved.