Cyber Security Weekly: The Attacks and Vulnerabilities That Mattered Most (Feb 16–22, 2026)

Top Cyber Security stories from Last Week  (Feb 16–22, 2026)

1. Ransomware disruption at University of Mississippi Medical Center
   Impact: Clinics statewide were closed and elective procedures canceled while staff reverted to manual processes; the FBI was involved in the response.
2. Mandiant details a Dell appliance zero-day used for persistent access
   What happened: Dell Technologies RecoverPoint for Virtual Machines was exploited via CVE-2026-22769 (CVSS 10.0), including abuse of hard-coded credentials to deploy a malicious WAR and execute as root; activity traced back to mid-2024 and included BRICKSTORM/GRIMBOLT tradecraft.
3. Chrome zero-day under active exploitation (CVE-2026-2441)
   What happened: The Chrome stable channel shipped fixes and explicitly noted an exploit exists in the wild; guidance emphasized updating to the patched builds.
4. CISA KEV additions spotlight “old and new” exploited bugs
   What changed: KEV updates highlighted active exploitation of CVE-2026-2441 (Chrome), CVE-2024-7694 (TeamT5 ThreatSonar), CVE-2020-7796 (Synacor Zimbra), and CVE-2008-0015 (Microsoft Windows Video ActiveX Control)—a reminder that attackers still weaponize legacy components.
   Separate KEV attention on Roundcube webmail included CVE-2025-49113 (RCE) and CVE-2025-68461 (XSS), with a federal remediation deadline set for March.
5. France discloses breach of national bank-account registry data (FICOBA)
   Impact: Officials reported unauthorized access to data tied to ~1.2 million bank accounts (e.g., identity/IBAN-style details), with notifications and regulator involvement (including CNIL).
6. Olympics-themed scam wave: fake merch sites + social ads
   What happened: Bitdefender reported lookalike Milano Cortina merch sites pushed via ads on Meta Platforms properties, harvesting payment and personal data.
   Related event: Milano Cortina 2026 Winter Olympics
7. INTERPOL announces results from Operation Red Card 2.0
   What happened: 651 arrests, USD 4.3M recovered, and significant disruption to scam infrastructure across participating countries (operation window: Dec 8, 2025–Jan 30, 2026; announcement published Feb 18, 2026).

Need help addressing this or other cybersecurity concerns? Commonwealth Sentinel is a partner, not a vendor. We work alongside your leadership and IT team to strengthen day-to-day defenses, improve compliance and resilience, and help ensure that when something happens, you have a plan that keeps services moving and constituents protected. At Commonwealth Sentinel, we stay focused on cyber security so you can focus on other things. Contact us today or sign up for a free consultation.