State of (in)security - Week 7, 2026
Take action: Disable AI extensions that have local system access if they also read data from public sources like calendars or email. You should never allow an autonomous agent to bridge untrusted external content directly to your operating system's command line. Treat AI agents as privileged entities and implement monitoring to detect unauthorized command execution. When developing a product, always make sure to patch your own product instances. Because you are just as exposed, and you don't have a lot of reasonable arguments not to patch.
Learn More
In the week between Feb. 9, 2026, midnight and Feb. 16, 2026, midnight we witnessed a total of:
- 19 advisory/vulnerability events
- 16 incident/data breach events
Week over Week comparison of week 7 2026 vs week 6 2026 :
- Advisories are up and incidents are down. Advisories are up from 16 in week 6 2026 to 19 in week 7 2026. Incidents are down from 23 in week 6 2026 to 16 in week 7 2026.
- The number of known impacted individuals is up - from 15.9 thousand in week 6 2026 to 50.8 million in week 7 2026.
We also shared 1 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 50,838,966 impacted individuals across 7 incidents, with the largest breach being the Codeway AI Chat App Leak Exposes 300 Million Messages Due to Firebase Misconfiguration incident exposing 25,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 5 |
| IT/Software/Technology | 3 |
| Government | 3 |
| Retail | 1 |
| Construction/Realestate | 1 |
| Telecommunications | 1 |
| Finance | 1 |
| Insurance | 1 |
Read the Event Details of the Week
Knowledge
- active exploit | BeyondTrust and CISA Warn of Active Exploitation of Remote Support and Privileged Remote Access Flaw
Vulnerabilities
- critical vulnerability | Adobe Releases February 2026 Patches for Multiple Products
- critical vulnerability | Apple Patches Actively Exploited Flaw, Over 90 Vulnerabilities in macOS, iOS, and iPadOS in February 2026 Security Updates
- critical vulnerability | CISA Warns of Active Exploitation in Microsoft Configuration Manager SQL Injection Flaw
- critical vulnerability | Claude Desktop Extensions Vulnerability Exposes Users to Zero-Click RCE
- critical vulnerability | Critical Authentication Bypass Flaws Reported in ZLAN Industrial Gateways
- critical vulnerability | Critical Gogs Vulnerabilities Enable Remote Code Execution and 2FA Bypass
- critical vulnerability | Critical Path Traversal Flaw in Unstructured.io AI Library Enables Remote Code Execution
- critical vulnerability | Critical RCE Vulnerability Reported in WPvivid Backup Plugin
- critical vulnerability | Critical SQL Injection Vulnerability in Fortinet FortiClientEMS Allows Remote Code Execution
- critical vulnerability | Critical UUID Flaw in Fiber v2 Framework Enables Session Hijacking
- critical vulnerability | HashiCorp Patches Critical RCE Vulnerability in next-mdx-remote Library
- critical vulnerability | HGiga Patches Critical Authentication Bypass and SQL Injection Flaws in C&Cm@il
- critical vulnerability | Ivanti Patches High-Severity Authentication Bypass in Endpoint Manager
- critical vulnerability | Massive Exposure of OpenClaw AI Agents Leaves 40,000 Instances Vulnerable to Remote Takeover
- critical vulnerability | Microsoft February 2026 Patch Tuesday Fixes 58 Vulnerabilities, Six actively Exploited Flaws
- critical vulnerability | Microsoft Patches Critical Elevation of Privilege Flaws in Azure Services
- critical vulnerability | QNAP Patches Muliple Flaws in NAS Operating Systems, One Critical
- critical vulnerability | SAP February 2026 Updates Patch Critical CRM, S/4HANA and NetWeaver Flaws
- critical vulnerability | Siemens COMOS Affected by Multiple Flaws, at Least One Critical
Incidents
- data breach | Tenga Store USA Data Breach Exposes Customer Correspondence
- data breach | Senegal National ID Department Suspends Operations Following Green Blood Group Ransomware Attack
- data breach | JBS Mental Health Authority Ransomware Attack Impacts 30,000 Individuals
- data breach | Fintech Lender Figure Technology Reports Data Breach Claimed by ShinyHunters
- data breach | Telegram Allegedly Impacted by Massive Data Leak Exposing 200 Million User Records
- data breach | Codeway AI Chat App Leak Exposes 300 Million Messages Due to Firebase Misconfiguration
- data breach | Dutch Authorities Hit by Ivanti Zero-Day Exploits
- data breach | European Commission Reports Cyberattack on Mobile Management Infrastructure
- data breach | Terry Reilly Health Services Reports Data Breach Caysed by Third Party Compromise
- data breach | EyeCare Partners Reports Data Breac Through Email Compromise
- data breach | Sermo Healthcare Platform Reports Data Breach
- data breach | Anywhere Real Estate Data Breach via Oracle EBS Zero-Day Vulnerability
- data breach | Telecom Provider Odido Data Breach Affects 6.2 Million Customers
- ransomware | SmarterTools Network Breached via Unpatched SmarterMail Vulnerability
- ransomware | Spindletop Center Ransomware Attack Exposes Data of 88,863 Individuals
- ransomware | Beacon Mutual Insurance Co. Hit by INC Ransomware Attack
