AI is actively reshaping cyber risk, driving AI-powered ad fraud, deepfake incidents, and novel malware events while regulators and enterprises race to respond in real time. This weekly roundup highlights AI-driven ghost click ad fraud, the Ireland GDPR probe into X’s Grok, and a suspected ransomware incident at Advantest, underscoring the…
Tag: GDPR
Daily Recap: the latest cyber threats cover exploited zero-days like Dell RecoverPoint CVE-2026-22769, used by UNC6201 to deploy GRIMBOLT/SLAYSTYLE with Ghost NICs, and a spectrum of high-impact flaws, supply-chain breaches, and targeted espionage campaigns. The recap also notes active exploitation of TeamT5 CVE-2024-7694, Ivanti EPMM backdoors bypassing patches, Keenadu firmware backdoors, CrescentHarvest espionage, and AI/Cloud risks including Copilot as C2 and Grok deepfakes, plus notable data leaks and enforcement actions. #UNC6201 #GRIMBOLT #SLAYSTYLE #DellRecoverPoint #TeamT5 #IvantiEPMM #Keenadu #CRESCENTHARVEST #Copilot #Grok #Eurail #Cellebrite #DavaIndia #Notepad++ #Chrysalis #PaloAltoNetworks #Koi #VulnCheck
Daily Recap: the bulletin highlights the Keenadu Android backdoor embedded in firmware and Google Play apps, a Lazarus-linked graphalgo campaign delivering a RAT, and APT28’s MacroMaze operation targeting Western and Central European governments. It also notes Eurail data breaches, Figure’s data exposure after an employee phishing attack, and governance probes like Grok, along with key vulnerabilities such as CVE-2026-2441 and patch guidance for Chrome, as well as passkeys and ISO 27001 considerations. #Keenadu #graphalgo #Lazarus #MacroMaze #Eurail #Figure #Grok #ShinyHunters #CVE20262441 #Phobos #LAPSUS$ #OperationAether #X
Ireland’s Data Protection Commission has opened a formal GDPR investigation into X over its Grok AI allegedly generating non-consensual sexual images of real people, including children. The inquiry joins parallel probes by the ICO, the European Commission, California’s attorney general, Ofcom, and French prosecutors and could result in significant EU‑wide fines and criminal measures. #Grok #X
Ireland’s Data Protection Commission has opened a large-scale GDPR investigation into Elon Musk’s X Internet Unlimited Company over its Grok AI generating nonconsensual sexually explicit deepfake images, including images reportedly involving children. The probe — running alongside separate EU and UK inquiries under the Digital Services Act — could result in…
A January breach of Eurail’s customer database has escalated into a large-scale identity theft crisis after attackers began offering millions of travelers’ sensitive records for sale on criminal marketplaces and publishing a sample on Telegram. The compromised information—names, passport numbers, ID numbers, IBANs, health data and contact details—puts DiscoverEU participants at…
Eurail B.V. confirmed that customer data stolen in a breach earlier this year is being offered for sale on the dark web and a sample of the data was published on Telegram. The company is investigating which records and how many customers were affected, has notified data protection authorities under the GDPR, and advises customers to change Rail Planner passwords, reset reused credentials, and monitor bank accounts. #Eurail #Telegram #GDPR #RailPlanner #DiscoverEU
Passkeys, built on FIDO2 and WebAuthn, replace passwords with device-bound cryptographic authentication that reduces phishing and support costs and improves user experience. For ISO/IEC 27001 organizations, a compliant transition requires risk-based prioritization, mapping passkey deployment to Annex A controls, documented recovery procedures, and monitoring for new attack vectors. #Passkeys #ISOIEC27001
OpenClaw is an agentic AI platform that runs locally with deep system access and an extensible third‑party “skill” ecosystem, enabling file management, workflow automation, and direct shell command execution. Security researchers have identified widespread malicious skills (notably the ClawHavoc campaign) and critical vulnerabilities such as CVE-2026-25253 that enable credential theft, data exfiltration, and remote code execution, prompting mitigations like VirusTotal scanning, Clawdex detection, and blocking via Iru. #OpenClaw #ClawHavoc
The Breisgau-Hochschwarzwald district administration deployed G DATA 365 | MXDR to provide 24/7 monitoring, automated containment, and transparent incident handling for over 2,300 clients and servers, addressing limited in-house security staffing and compliance requirements. The managed rollout was completed in about four months, delivered stable daily operation with ticketed alerts and vendor collaboration, and proved effective during PoC and production use. #BreisgauHochschwarzwald #GDATA365MXDR
This roundup condenses notable cybersecurity developments that include espionage, large-scale DDoS activity, AI-driven intrusions, vulnerability disclosures, and consumer data breaches. This week’s highlights include the conviction of former Google engineer Linwei Ding for stealing AI trade secrets, Cloudflare reporting a record 31.4 Tbps DDoS attack, an LLM-assisted AWS admin takeover observed…
TikTok is facing potential fines from the European Commission under the EU Digital Services Act for addictive features like infinite scroll, autoplay, push notifications, and personalized recommendation systems that may harm users’ physical and mental well-being. Preliminary findings say TikTok failed to assess risks to minors and vulnerable adults and must change core design elements—such as adding screen time breaks and adapting recommendations—or face penalties up to 6% of global turnover. #TikTok #DigitalServicesAct #IrishDPC #GDPR
Sapienza University of Rome has shut down major IT systems after a cyberattack that disrupted digital services for its 112,500 students while officials work to contain the incident and restore operations. Italian reports link the incident to BabLock (Rorschach) and the pro‑Russian actor Femwar02, and national CSIRT, ACN, and Polizia Postale…
Substack disclosed that attackers accessed user email addresses, phone numbers, and internal metadata in October 2025, but the compromise went undetected until February 3, 2026. The company says credit card numbers and passwords were not accessed and the vulnerability has been fixed, though the four-month detection gap raises concerns about monitoring…
Daily Recap: a wave of critical flaws, including n8n CVE-2026-1470/0863 enabling authenticated remote code execution and extensive updates across builds, alongside KEV catalog additions (Microsoft Office CVE-2026-21509, GNU InetUtils, SmarterMail, Linux kernel), highlights widespread risk across software, networks and OT. In parallel, state-backed and criminal groups continue weaponizing legacy flaws (WinRAR CVE-2025-8088 with UNC4895/RomCom, APT44, Turla), LLM/MCP abuses (Operation Bizarre Bazaar), C2 abuse (Sheet Attack), exposed AI tools (Bondu Panel, ChatGPT) and infrastructure attacks (IPIDEA takedown, Poland grid disruption), underscoring the need for resilient, AI-assisted defenses. #n8n #OperationBizarreBazaar