On this roundup, Tony seems to be at how opportunistic menace actors are profiting from weak authentication, unmanaged publicity, and fashionable AI instruments
28 Feb 2026
With the second month of 2026 (virtually) behind us, it is time for ESET Chief Safety Evangelist Tony Anscombe to take a look at cybersecurity tales that moved the needle and supplied important classes over the previous 4 weeks. This is Tony’s rundown of a few of what stood out in February 2026:
- Menace actors misused industrial generative AI instruments to compromise greater than 600 FortiGate units positioned in 55 nations. Relatively than particular vulnerabilities, the assaults exploited uncovered administration ports and weak credentials with out two-factor authentication, in accordance with Amazon Menace Intelligence.
- Extra proof of unhealthy actors profiting from GenAI providers was supplied by ESET researchers this week after they uncovered PromptSpy, the primary identified case of Android malware abusing generative AI for context-aware consumer interface manipulation.
- The FBI has warned ATM operators about a rise in malware-fueled jackpotting assaults in U.S. the place criminals trick money machines into spitting out massive quantities of money,
- The safety business has additionally been busy digesting a report that Poland’s CERT revealed on the very finish of January and that took a deep dive into current cyberattacks at greater than 30 organizations working in important infrastructure sectors. ESET researchers analyzed a wiper and shared different technical particulars about an incident geared toward an vitality firm as a part of the assaults.
What are among the classes companies ought to take away from these incidents? Watch the video to study extra and you should definitely try the January 2026 version of Tony’s month-to-month safety information roundup for extra insights.
