Daily Recap: Governance and policy shifts are tightening security posture in the UK, where a Vulnerability Monitoring Service and a refreshed Cyber Profession cut fix times from ~50 days to 8 and reduced critical backlog by 75%, alongside DNS risk management, while EU NIS2 and Ireland’s National Cyber Security Bill push senior-management accountability under Article 20. Threat trends point to AI-driven attacks, ransomware evolution, phishing surges, and cloud misconfigurations, with 32 million high-confidence phishing emails detected in 2025 and identity-focused breaches via Microsoft 365. Developers are being targeted through Claude Code flaws, and Gambit Security's funding announcement notes abuse of Claude to automate attacks. High-impact network exploits include Cisco SD-WAN CVE-2026-20127 and MFA bypass through Infostealer-driven SSO campaigns. Notable incidents affect Hazeldenes and UFP Technologies, and Valve faces legal action over loot boxes in Counter-Strike 2, Team Fortress 2, and Dota 2.
#UAT-8616 #CiscoSD-WAN #CVE2026-20127 #Microsoft365 #ClaudeCode #GambitSecurity #Valve #CounterStrike2 #TeamFortress2 #Dota2 #Hazeldenes #UFPTechnologies #Infostealer #F5BIGIP #SSO #MFA
Governance & Vulnerability
- UK strengthens government cyber posture with a new Vulnerability Monitoring Service and Cyber Profession, cutting average fix times from ~50 days to 8 and reducing critical backlog by 75% while emphasizing DNS risk management – UK Cybersecurity
- EU NIS2 and Ireland’s National Cyber Security Bill push legal accountability to senior management under Article 20, exposing boards to personal liability, fines, and requiring documented decisions and targeted training – NIS2 Guide
Threat Trends & Stats
- Samsung SDS warns 2026 threats will be driven by AI-based attacks, evolving ransomware, cloud misconfigurations and phishing, and recommends least privilege, AI Guardrails and CNAPP monitoring – 2026 Threats
- Darktrace detected over 32 million high‑confidence phishing emails in 2025 and says identity attacks—especially Microsoft 365 account takeovers—are now the primary entry vector – Phishing Surge
- Ransomware victim payment rates fell to a record low of 28% in 2025 despite a ~50% jump in claimed attacks, median ransom up 368% to $59,556, and on‑chain payments around $820M (approaching $900M) amid 85 active extortion groups – Ransomware Drop
AI & Developer-targeted Attacks
- Researchers found critical flaws in Anthropic Claude Code that could let attackers execute commands and exfiltrate keys; Tel Aviv’s Gambit Security exits stealth with $61M noting abuse of Claude to automate attacks, and coordinated campaigns using malicious Next.js/Bitbucket repos deliver in‑memory backdoors to developers – Claude Flaws, Gambit Funding, Dev Backdoor
Network & Edge Exploits
- A sophisticated actor (tracked as UAT-8616) exploited a Cisco Catalyst SD‑WAN authentication bypass (CVE‑2026‑20127) for at least three years, allowing admin access and rogue peers, while large credential‑stuffing campaigns using Infostealer logs targeted F5 BIG‑IP and SSO gateways to bypass MFA—prompting emergency patches and advisories – Cisco SD‑WAN, SSO Brute
Operational & Data Breaches
- Australian poultry processor Hazeldenes is restoring phased operations after a disruptive cyberattack and is working with external experts and authorities – Hazeldenes, UFP Technologies
- Medical and manufacturing supplier UFP Technologies disclosed a Feb 14 incident with data theft and destruction of some company data while primary systems remain operational as investigations continue – UFP Technologies
Products & Updates
- Microsoft expanded Windows Backup’s first‑sign‑in restore to hybrid‑managed devices, multi‑user systems and Windows 365 Cloud PCs so enterprise users can restore personal settings and Store app lists with updates from Feb 24, 2026 onward – Windows Restore
Legal & Policy
- New York AG sued Valve, alleging Steam loot boxes in games like Counter‑Strike 2, Team Fortress 2 and Dota 2 amount to illegal gambling that harms children and seeks bans, profit recovery and other remedies – Valve Lawsuit