Closest call / honorable mention: LexisNexis confirmed a breach after a threat actor leaked data allegedly taken from a limited number of servers containing mostly legacy data from before 2020. It did not make my top five only because the company said the matter was contained and there was no evidence of impact to products […]
Cyber Security Weekly: Top stories from Last Week (Feb 22–Feb 28, 2026)
Cisco Catalyst SD-WAN auth bypass — CVE-2026-20127 (actively exploited, CVSS 10)Why it’s top: Internet-exposed SD-WAN control-plane components are high-impact; exploitation has been publicly reported, and agencies have issued urgent guidance. Ivanti Endpoint Manager Mobile (EPMM) — CVE-2026-1281 / CVE-2026-1340 (widespread automated exploitation attempts)Fix-first: Patch/mitigate any internet-facing EPMM immediately; treat as mass-scanned. BeyondTrust Remote Support / […]
Cyber Security Weekly: The Attacks and Vulnerabilities That Mattered Most (Feb 16–22, 2026)
Top Cyber Security stories from Last Week (Feb 16–22, 2026) Need help addressing this or other cybersecurity concerns? Commonwealth Sentinel is a partner, not a vendor. We work alongside your leadership and IT team to strengthen day-to-day defenses, improve compliance and resilience, and help ensure that when something happens, you have a plan that keeps […]