On this roundup, Tony seems at how opportunistic menace actors are making the most of weak authentication, unmanaged publicity, and standard AI instruments
28 Feb 2026
With the second month of 2026 (nearly) behind us, it is time for ESET Chief Safety Evangelist Tony Anscombe to have a look at cybersecurity tales that moved the needle and supplied important classes over the previous 4 weeks. Here is Tony’s rundown of a few of what stood out in February 2026:
- Menace actors misused business generative AI instruments to compromise greater than 600 FortiGate gadgets positioned in 55 nations. Fairly than particular vulnerabilities, the assaults exploited uncovered administration ports and weak credentials with out two-factor authentication, in response to Amazon Menace Intelligence.
- Extra proof of dangerous actors making the most of GenAI companies was offered by ESET researchers this week after they uncovered PromptSpy, the primary recognized case of Android malware abusing generative AI for context-aware consumer interface manipulation.
- The FBI has warned ATM operators about a rise in malware-fueled jackpotting assaults in U.S. the place criminals trick money machines into spitting out massive quantities of money,
- The safety trade has additionally been busy digesting a report that Poland’s CERT printed on the very finish of January and that took a deep dive into current cyberattacks at greater than 30 organizations working in essential infrastructure sectors. ESET researchers analyzed a wiper and shared different technical particulars about an incident geared toward an vitality firm as a part of the assaults.
What are a few of the classes companies ought to take away from these incidents? Watch the video to study extra and you should definitely try the January 2026 version of Tony’s month-to-month safety information roundup for extra insights.
