Weekly Scan: Cloud, Cybersecurity, AI News — Feb 22, 2026

This week's critical security updates and vulnerability disclosures:

• CVE-2025-38352 (10 mentions)
• CVE-2026-3016 | UTT HiPER 810G up to 1.7.7-171114 formP2PLimitConfig strcpy except buffer overflow (4 mentions)
• CVE-2026-2979 | FastApiAdmin up to 2.2.0 Scheduled Task API controller.py user_avatar_upload_controller unrestricted upload (3 mentions)

Advantest confirms being hit by ransomware, but says investigation is currently ongoing.

A Russian-speaking threat actor used commercial generative artificial intelligence tools to help compromise more than 600 FortiGate firewall devices across more than 55 countries earlier this year, researchers have found.

A ransomware attack forced the University of Mississippi Medical Center to close all of its roughly three dozen clinics around the state and cancel elective procedures. The post Mississippi Hospital System Closes All Clinics After Ransomware Attac...

In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install OpenClaw, a self-hosted autonomous AI agent that has become exceedingly popular in the ...

A user-friendly PhaaS tool beats standard methods for detecting phishing attacks by live-proxying legitimate login sites.

Welcome to Import AI, a newsletter about AI research. Import AI runs on arXiv and feedback from readers. If you’d like to support this, please subscribe. Subscribe now Want to make AI go better? Figure out how to measure it:…One simple policy intervention that works well…Jacob Steinhardt, an AI r...

AI is accelerating the telecommunications industry’s transformation, becoming the backbone of autonomous networks and AI-native wireless infrastructure. At the same time, the technology is unlocking new business and revenue opportunities, as telecom operators accelerate AI adoption across consume...

The Clinejection vulnerability chain illustrates a dangerous new era of supply chain attacks where AI agents are turned into exploit vectors. By combining indirect prompt injection with GitHub Actions cache poisoning, attackers successfully pushed unauthorized code to thousands of developers. Thi...

In this edition of Between Two Nerds Tom Uren and The Grugq talk about how ‘professional’ Five Eyes cyber espionage agencies like NSA will use AI. These agencies place a premium on stealth and won’t yolo AI. This episode is available on Youtube.

The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in Western and Central Europe. The activity, per S2 Grupo's LAB52 threat intelligence team, was active between September 2025 and January 2026. It has been codenamed O...

A Russian-speaking hacker used generative AI to compromise the FortiGate firewalls, targeting credentials and backups for possible follow-on ransomware attacks.

A wormable cryptojacking campaign spreads via pirated software, using BYOVD and a time-based logic bomb to deploy a custom XMRig miner. Researchers uncovered a wormable cryptojacking campaign that spreads through pirated software bundles to deploy a custom XMRig miner. The attack uses a BYOVD exp...

LLM-driven vuln finding has reached an inflection

GPS attacks trigger revisiting threat models

What if we think about LLM coding as if it’s a compiler stage?

The CRA is coming and it's going to be a dramatic change for technology producers

Thinking of threat modeling with a knob helps you get more out of it.

Thoughts on the CVE funding crisis

Grateful to introduce the Hackers' Almanack!

A group of us have urged HHS to require better handling of security reports

Some thoughts on the Voyager Episode ‘Inside Man’

The most important stories around threat modeling, appsec and secure by design for June, 2024.

Why is it hard to count lockbit infections?

Making an LLM forget is harder than it seems

The CSRB has released its report into an intrusion at Microsoft, and...it’s a doozy.

The NVD is in crisis, and so is patch management. It’s time to modernize.

Solving hallucinations in legal briefs is playing on easy mode —— and still too hard

My latest at Dark Reading draws attention to how Microsoft can fix ransomware tomorrow.

Phishing behaviors, as observed in the wild.

Pointer to Adam’s latest Darkreading article

Text captured from GPT-3

What happened when Microsoft tried to buy climate abatements

Arbitrarily powerful software -- applications, operating systems -- is a problem, as is preventing it from running on enterprise systems.

The Colonial Pipeline shutdown story is interesting in all sorts of ways, and I can't delve into all of it.I did want to talk about one small aspect, which is the way responders talk about Darkside.

The timing of updates is not coincidental.

Thoughts on the issues with the Ever Given blocking the Suez Canal.

For Data Breach Today, I spoke with Anna Delaney about threat modeling for issues that are in the news right now.

You may have noticed that my end of the year posts are all science focused. Today, a set of resources on the COVID vaccines.

Sharing for you, bookmarking for me.

Today is the last Star Wars Day before Episode 9 comes out, and brings the Skywalker saga to its end.

Over-inflated numbers won't scare me into buying your ‘solution’.

Discussing the value of Security Advisory Boards

[no description provided]

[no description provided]

[no description provided]

[no description provided]

[no description provided]

[no description provided]

[no description provided]

[no description provided]

[no description provided]

[no description provided]

There are a number of reports out recently, breathlessly presenting their analysis of one threatening group of baddies or another. Most readers should, at most, skim their analysis of the perpetrators. Read on for why.

New York-based ad tech company Optimizely has notified an undisclosed number of customers of a data breach after threat actors compromised some of its systems in a voice phishing attack. [...]

ShinyHunters claim to have hit Wynn Resorts, stealing 800,000 recors.

Air Côte d'Ivoire did not respond to requests for comment but released a statement on Friday confirming reports that hackers had breached its systems on February 8. Last week, the INC ransomware gang claimed it stole 208 GB of data from the airline.

The joint statement comes on the heels of the Grok AI chatbot creating and sharing millions of images of “nudified” real people.

The Everest ransomware group has taken credit for a hacker attack on Vikor Scientific, now called Vanta Diagnostics. The post US Healthcare Diagnostic Firm Says 140,000 Affected by Data Breach appeared first on SecurityWeek .

A new malware delivery campaign has hit ClawHub, the official online repository for “skills” that augment the capabilities of the popular OpenClaw AI agent. Unlike previous ones, this campaign does not aim to trick users into downloading a bogus, malicious skill. Instead, the threat actor is leav...

A low-skilled threat actor was able to do a lot with the help of AI, Amazon researchers warn.

Stolen tokens and compromised devices let attackers reuse trust without breaking authentication. Specops Software explains why identity alone isn't enough and how continuous device verification strengthens Zero Trust. [...]

Japanese tech testing company Advantest has suffered a ransomware attack, the company confirmed last Thursday, after detecting unusual activity within its IT environment on February 15, 2026. What happened? Tokyo-based Advantest is a leading manufacturer of automatic test and measurement equipmen...

While this campaign targets crypto wallets and steals money, the methodology has far wider potential that could be used by other attackers. The post Autonomous AI Agents Provide New Class of Supply Chain Attack appeared first on SecurityWeek .

A low-skilled Russian-speaking attacker has used GenAI tools to help deploy a successful attack workflow targeting FortiGate instances

Ein Hacker hat sich Zugriff auf Mitarbeiterdaten von RTL verschafft. nitpicker – shutterstock.com Die RTL Group wurde offenbar Opfer einer Cyberattacke. Wie Cybernews berichtet, brüstet sich ein Cyberkrimineller namens LuneBF mit gestohlenen Daten von mehr als 27.000 Mitarbeitern der Mediengruppe...

A newly uncovered infostealer, suspected to be built with the help of a large language model, is targeting victims with Python and C++ variants, each tailored for a different stage of data theft. Kaspersky researchers discovered a stealer dubbed “Arkanix,” which is capable of harvesting credentia...

A new phishing campaign is spreading XWorm 7.2 via malicious Excel files, hiding the malware in Windows processes, and using AES encryption to steal passwords and Wi-Fi keys.

Advantest, a Japanese specialist in testing computer chips for major semiconductor manufacturers, has deployed incident response protocols following a cybersecurity incident

Officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) dismantled an organized group that used phishing to seize Facebook accounts and extract BLIK payment codes from victims. Arrest (Source: Poland’s Central Bureau for Combating Cybercrime) Eleven members of an organized criminal ...

University of Mississippi Medical Center is still scrambling to respond to a ransomware attack last Thursday

AI assistants are tied into ticketing systems, source code repositories, chat platforms, and cloud dashboards across many enterprises. In some environments, these systems can open pull requests, query internal databases, book services, and trigger automated workflows with limited human involvemen...

An information-stealing malware operation named Arkanix Stealer, promoted on multiple dark web forums towards the end of 2025, was likely developed as an AI-assisted experiment. [...]

Cybersecurity researchers at Veracode reveal a typosquatting attack that disguises Pulsar RAT as images to bypass Windows security and antivirus programs.

A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries. That's according to new findings from Amazon Threat Intelligence, which said i...

Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks. [...]

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two RoundCube Webmail flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities in question are listed below - CVE-2025-49113 ...

Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses cle...

Advantest Corporation disclosed that its corporate network has been targeted in a ransomware attack that may have affected customer or employee data. [...]

After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about vulnerabilities.

Hackers are actively exploiting the CVE-2026-1731 vulnerability in the BeyondTrust Remote Support product, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns. [...]

The French Ministry of Finance has published an announcement informing of a cybersecurity incident that has impacted 1.2 million accounts. [...]

Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying VShell and The vulnerability, tracked as CVE-2026-1731 (C...

Understanding the risks now emerging at every layer of the AI stack.

The slower pace of upgrades has the unintended impact of creating a haven for attackers, especially for initial access brokers and ransomware gangs.

Cyberangriffe werden immer schneller, wodurch sich die Zeitspanne zwischen der ersten Kompromittierung und den negativen Folgen verkürzt. andrey_l – shutterstock.com Der Einzug von KI hat den benötigten Zeitaufwand für Cyberattacken massiv verkürzt, so dass menschliche Verteidiger nicht mehr mith...

The University of Mississippi Medical Center (UMMC) closed all its clinic locations statewide on Thursday following a ransomware attack. [...]

RPKI relies on vulnerable servers, the French Ministry of Economy discloses a data breach, the UK gives tech platforms 48 hours to remove revenge porn, and ClickFix-attacks are responsible for 50% of malware infections.

CarGurus reportedly hit by ShinyHunters - with devastating effect.

As scaled-down circuits with limited functions redefine computing for AI systems and autonomous vehicles, their flexibility demands new approaches to safeguard critical infrastructure.

The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.

A top FBI cyber official said Salt Typhoon, the Chinese cyber espionage group behind the widespread compromise of U.S. telecommunications infrastructure in 2024, continues to pose a broad threat to both America’s private and public sectors. Michael Machtinger, deputy assistant director for cyber ...

Alexandra Seymour also talked about cyber workforce goals, including emulating Israel’s Unit 8200. The post ONCD official says Trump administration aims to bolster AI use for defense without increasing risk appeared first on CyberScoop .

An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law enforcement agencies from 16 African countries. The initiative, codenamed Operation Red Card 2.0, took place between December 8, 2025 and January ...

Posted by Vijaya Kaza, VP and GM, App & Ecosystem Trust The Android ecosystem is a thriving global community built on trust, giving billions of users the confidence to download the latest apps. In order to maintain that trust, we’re focused on ensuring that apps do not cause real-world harm, such...

With AI-powered tools readily available, sophisticated attacks no longer require sophisticated attackers.

Make sure to secure your firewalls - or face the risk of ransomware attack.

Security researchers have uncovered six high-to-critical flaws affecting the open-source AI agent framework OpenClaw , popularly known as a “social media for AI agents.” The flaws were discovered by Endor Labs as its researchers ran the platform through an AI-driven static application security te...

A new cybercriminal toolkit uses proxies to mimic popular online services and represents a “significant escalation in phishing infrastructure,” warn researchers at Abnormal

ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow

Wenn CISOs stärkere Programme, bessere Widerstandsfähigkeit und eine sicherere Zukunft wollen, müssen sie ihren Ansatz weiterentwickeln. Overearth – shutterstock.com Cybersicherheit wird oft wie ein Spiel behandelt. Unternehmen jagen schnellen Erfolgen hinterher, haken Compliance-Listen ab oder k...

Could America turn off Europe's internet? That’s one of the questions that Graham and special guest James Ball will be exploring as they discuss tech sovereignty. Could Gmail, cloud services, and critical infrastructure really become geopolitical leverage? And is anyone actually building a Plan B...

Matthew Akande was living in Mexico when he and at least three co-conspirators broke into the networks of tax preparation firms and filed more than 1,000 fraudulent tax returns seeking tax refunds. The post Nigerian man sentenced to 8 years in prison for running phony tax refund scheme appeared f...

Social engineering is still the number one attack vector, but ransomware operators are stepping away from encryptors.

CVE-2026-2329 allows unauthenticated root-level access to SMB phone infrastructure, so attackers can intercept calls, commit toll fraud, and impersonate users.

The Figure data breach allowed hackers to steal customer names, dates of birth, physical addresses, phone numbers, and email addresses.

Ransomware groups reached a record high in 2025, and claimed a record number of victims in the process.

The title of the post is” What AI Security Research Looks Like When It Works ,” and I agree: In the latest OpenSSL security release> on January 27, 2026, twelve new zero-day vulnerabilities (meaning unknown to the maintainers at time of disclosure) were announced. Our AI system is responsible for...

Searchlight Cyber reports a 30% annual increase in ransomware victim numbers in 2025

A Talos researcher used targeted emulation of the Socomec DIRIS M-70 gateway’s Modbus thread to uncover six patched vulnerabilities, showcasing efficient tools and methods for IoT security testing.

Mandiant reveals campaign featuring exploit of a CVSS 10.0 CVE in Dell RecoverPoint for Virtual Machines

Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a "double lock" design th...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2026-2441 (CVSS score: 8.8) - A use-after...

On this week’s show, Patrick Gray, Adam Boileau and James WIlson discuss the week’s cybersecurity news. They cover: Palo Alto threat researchers want to attribute to China, but management says shush An increasing proportion of ransomware is data extortion. Is this good? Cambodia says it’s going t...

A supply chain attack plants backdoors on Android tablets, the EU blocks AI from lawmakers’ devices, Cellebrite was used against a Kenyan politician, and a Chinese APT is exploiting a Dell zero-day.

Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge.

Unit 42 researchers observed a low-skilled threat actor using an LLM to script a professional extortion strategy, complete with deadlines and pressure tactics

An investigation is underway into Washington hotel attackers, but no group has claimed responsibility yet.

Dragos annual report warns of a surge in ransomware attacks causing increased operational disruption in industrial environments

My objective As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response (NDR) system. My goal was to understand how NDR is used in hunting and incident response, and how it fits into the daily workflow of a Secu...

The January 2026 Eurail breach just got worse, as hackers have started selling the stolen data.

All worker types, including CEOs, are showing a lack of readiness when it comes to using AI in cybersecurity.

A Tenga employee fell for a phishing email, and gave away access to a company email account.

Guardicore Labs uncovers a Ransomware detection campaign targeting MySQL servers. Attackers use Double Extortion and publish data to pressure victims.

Guardicore security researchers describe and uncover a full analysis of a cryptomining attack, which hid a cryptominer inside WAV files. The report includes the full attack vectors, from detection, infection, network propagation and malware analysis and recommendations for optimizing incident res...

ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow

We discuss widespread exploitation of Ivanti EPMM zero-day vulns CVE-2026-1281 and CVE-2026-1340. Attackers are deploying web shells and backdoors. The post Critical Vulnerabilities in Ivanti EPMM Exploited appeared first on Unit 42 .

A new Android malware called “Massiv” is on the rise. Security researchers at ThreatFabric uncovered the large-scale campaign, in which hackers disguised and distributed the malware as a harmless IPTV streaming app. Once installed, however, the app was able to read screen inputs to steal password...

What most people thought was going to be another year of agentic AI is quickly turning into a more practical focus on simultaneously dealing with probabilistic (AI/ML-driven) and deterministic (traditional rule-based) code. Not a portfolio of both, but a growing number of hybrid applications that...

자바 개발자의 코틀린 도입을 확대하기 위해, 젯브레인이 마이크로소프트(MS)의 비주얼 스튜디오 코드(Visual Studio Code)용 ‘자바→코틀린’ 변환기 확장 프로그램을 공개했다. 코틀린은 오랫동안 자바의 대안 언어로 자리매김해 왔으며, 안드로이드 모바일 애플리케이션 개발 등 자바 기반 생태계 전반에서 폭넓게 활용되고 있다. 2월 19일 공개된 이 확장 프로그램은 비주얼 스튜디오 마켓플레이스에서 내려받을 수 있다. 개발자는 컨텍스트 메뉴를 통해 개별 자바 파일을 코틀린 코드로 변환할 수 있다. 이를 통해 레거시 코드베이...

AI가 비즈니스 전반에 깊숙이 스며들면서 IT 인력 시장도 빠른 속도로 재편되고 있다. 지난 1년 동안 IT 업계는 AI로 인한 업무 환경의 변화를 겪었다. AI는 필요한 기술 역량의 수요를 바꾸고, 일부 IT 경력 개발 과정을 재정의했으며, 거의 모든 기업에서 일상 운영 방식까지 흔들어 놓았다. IT 리더와 구성원들이 워크플로우와 프로세스에 AI를 끼워 넣는 과정에서 업무 방식 자체가 달라지고 있다는 의미다. 최근 다시 감원 소식이 헤드라인을 장식하는 가운데, 기업은 AI를 구현·도입·보호·최적화하는 데 필요한 ‘특정 역량’...

‘에이전틱 AI’는 최근 기업 기술 분야에서 가장 주목받는 용어가 됐다. 벤더는 스스로 판단하고 행동하는 시스템을 내세우며, AI를 단순한 보조 도구에서 실행 주체로 끌어올리겠다고 약속하고 있다. AI 투자에서 가시적인 성과를 내야 한다는 압박을 받는 CIO에게 이런 제안은 매력적으로 들릴 수밖에 없다. 그러나 이런 기대와 달리, 현장에서는 프로젝트를 잠시 멈추는 기업도 늘고 있다. 가트너(Gartner) 는 2027년 말까지 에이전틱 AI 프로젝트의 40% 이상이 중단될 것으로 내다봤다. 가트너의 시니어 디렉터 애널리스트 아...

Confidential complainant details passed to local politician following debate A UK councillor has dubbed her local authority's data breach "crazy" after the personal details of individuals behind a series of complaints were revealed to her.…

4K unintended installs in very odd supply chain attack Someone compromised open source AI coding assistant Cline CLI's npm package earlier this week in an odd supply chain attack that secretly installed OpenClaw on developers' machines without their knowledge. …

What happens in Vegas… Las Vegas hotel and casino giant Wynn Resorts appears to be the latest victim of data-grabbing and extortion gang ShinyHunters.…

Bitwarden, LastPass, and Dashlane are less secure than you might expect, at least if you go by the findings of security researchers at ETH Zurich and the Università della Svizzera italiana (USI) in Lugano. They’ve allegedly discovered serious security vulnerabilities in these popular password man...

'Just trust us' – Big Tech's hackneyed catchphrase makes an unwelcome return The Electronic Frontier Foundation says it will accept LLM generated code from contributors to its open source projects but will draw the line at non-human generated comments and documentation.…

We’re living through the single biggest tech disruption in history (and, if not the biggest, definitely the fastest). The AI revolution promises huge productivity gains by automating complex tasks, accelerating scientific breakthroughs in medicine, biotech, materials science, and democratizing ac...

OpenAI is launching two new security features in ChatGPT to address growing threats to its AI systems, according to a recent blog post . As AI services increasingly connect to wider parts of the web and more external apps, the risk of so-called “prompt injection attacks” also increases. A prompt ...

Security experts have uncovered a number of dangerous extensions for the Chrome browser. A total of 30 extensions belonging to the AiFrame campaign have been identified as dangerous, appearing to offer AI services but actually designed to intercept sensitive information. To date, the extensions h...

A zero-day vulnerability is a flaw in software that goes undiscovered by the developers, which can then be found and exploited by hackers before anyone gets wind of it. You might’ve heard about zero-day flaws in Chrome because it happens a lot—oh boy, does it happen a lot . Well, the first one th...

In February 2026, the automotive marketplace CarGurus was the target of a data breach attributed to the threat actor ShinyHunters . Following an attempted extortion, the data was published publicly and contained more than 12M email addresses across multiple files including user account ID mapping...

Introduction

Marianne Kolbasuk McGee reports: U.S. federal authorities and industry officials are urging hospitals and clinics to address a critical flaw in BeyondTrust Remote Support and Privileged Remote Access software, which if exploited, could give an attacker a foothold inside a corporate network. The U...

Regular readers of my companion privacy-oriented site, PogoWasRight.org, may recall that the site recently noted The Data Broker Directory: Who has your data, where they got it, and who they sell it to by Codamail’s Stephen K. Gielda of Packetderm. Instead of taking a well-deserved break after al...

Attackers are weaponizing Facebook ads to distribute password-stealing malware masked as a Windows download.

In January 2026, data allegedly sourced from US automotive retailer CarMax was published online following a failed extortion attempt . The data included 431k unique email addresses along with names, phone numbers and physical addresses.

The UK government has launched a new cybersecurity campaign aimed at small and medium-sized businesses urging them to “lock the door” on cyber criminals as digital threats escalate. The initiative — backed by the National Cyber Security Centre (NCSC) and the Department for Science, Innovation & T...

Hopefully Meta really will file this in the "just because we can do it doesn't mean we should" drawer.

Phishers are using fake Google Forms pages hosted on lookalike domains to trick job seekers into handing over their Google credentials.

A Talos researcher used targeted emulation of the Socomec DIRIS M-70 gateway’s Modbus thread to uncover six patched vulnerabilities, showcasing efficient tools and methods for IoT security testing.

GrayCharlie turns compromised WordPress sites into malware delivery machines. Discover how this threat actor chains fake browser updates and ClickFix lures to deploy NetSupport RAT, Stealc, and SectopRAT.

Malwarebytes Scam Guard is now on Windows and Mac, bringing AI-powered scam detection to your desktop.

Google has released an emergency update to patch an actively exploited zero-day—the first Chrome zero-day of the year.

This morning, I received an interesting phishing email. I&#;x26;#;xe2;&#;x26;#;x80;&#;x26;#;x99;ve a &#;x26;#;xe2;&#;x26;#;x80;&#;x26;#;x9c;love &#;x26; hate&#;x26;#;xe2;&#;x26;#;x80;&#;x9d; relation with such emails because I always have the impression to lose time when reviewing them but someti...

In February 2026, a data breach allegedly containing data relating to Canada Goose customers was published publicly . The data contained 920k records with 582k unique email addresses and included names, phone numbers, IP addresses, physical addresses and partial credit card data, specifically car...