State of (in)security - Week 9, 2026
Take action: Treat AI tool configuration files with the same suspicion as executable binaries. Treat local AI agents as high-privilege and very dangerous. Be aware that most AI tools are half-baked, extremely vulnerable products whose developers didn't design or test them properly and push the security problem onto the user. Ideally, don't use them. If you do use them, DO NOT TRUST THEM. Isolate them on a separate computer, and severely limit their access and granted abilities.
In the week between Feb. 23, 2026, midnight and March 2, 2026, midnight we witnessed a total of:
- 21 advisory/vulnerability events
- 15 incident/data breach events
Week-over-week comparison of week 9 2026 vs week 8 2026:
- Advisories are up and incidents are down. Advisories are up from 11 in week 8 2026 to 21 in week 9 2026. Incidents are down from 19 in week 8 2026 to 15 in week 9 2026.
- The number of known impacted individuals is up - from 1.2 million in week 8 2026 to 53 million in week 9 2026.
We also shared 1 practical knowledge item.
Total impacted individuals via the events of the week
There were a total of 53,199,418 impacted individuals across 5 incidents, with the largest breach being the "ManoMano Data Breach Exposes 38 Million Customer Records via Subcontractor Compromise" incident, which exposed 38,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 8 |
| Hospitality/Events | 2 |
| Aviation | 1 |
| Consulting/Professional Services | 1 |
| Entertainment/Leisure | 1 |
| Retail | 1 |
Read the Event Details of the Week
Knowledge
Vulnerabilities
- critical vulnerability | Anthropic Patched Remote Code Execution and API Theft Flaws in Claude Code
- ransomware | CISA Reports Actively Exploited Soliton FileZen Command Injection Vulnerability
- critical vulnerability | Cisco Catalyst SD-WAN Zero-Day Exploited by Sophisticated Threat Actor UAT-8616
- critical vulnerability | Cline CLI Supply Chain Attack: Malicious Version 2.3.0 Installs OpenClaw Backdoor
- critical vulnerability | Copeland Patches Critical Remote Code Execution Flaws in XWEB Monitoring Systems
- critical vulnerability | Critical Authentication and Session Flaws Discovered in Mobility46 EV Charging Stations
- critical vulnerability | Critical Root RCE Vulnerability Patched in Juniper PTX Series Routers
- critical vulnerability | Critical Vulnerabilities Discovered in InSAT MasterSCADA BUK-TS
- critical vulnerability | Critical Vulnerabilities in Gardyn Home Kit Allow Remote Device Takeover
- critical vulnerability | Critical Vulnerabilities in SWITCH EV Charging Platform Allow Station Impersonation
- critical vulnerability | Google Issues Chrome Update for High-Severity Vulnerabilities
- critical vulnerability | HPE Patches Critical Access Bypass in Telco Service Activator
- critical vulnerability | Multiple Vulnerabilities Discovered in Chargemap Platform
- critical vulnerability | Multiple Vulnerabilities in CloudCharge EV Platform, Including One Critical
- critical vulnerability | Multiple Vulnerabilities Reported in EV2GO Charging Platform
- critical vulnerability | Multiple Vulnerabilities Reported in EV Energy Charging Platform
- critical vulnerability | Multiple Vulnerabilities Reported in Johnson Controls Frick Quantum HD Systems
- critical vulnerability | OpenClaw Patches High-Severity Website-to-Local Hijacking Vulnerability
- critical vulnerability | SolarWinds Patches Four Critical Root-Level Flaws in Serv-U File Transfer Software
- critical vulnerability | Trend Micro Patches Critical RCE and Privilege Escalation Flaws in Apex One
- critical vulnerability | Zyxel Patches Multiple Flaws Including a Remote Code Execution Vulnerability in Multiple Router Models
Incidents
- data breach | System Misconfiguration Exposes One Billion Global Identity Records
- data breach | Wynn Resorts Confirms Employee Data Breach Following ShinyHunters Extortion Attempt
- data breach | Wee Care Pediatrics Reports Data Breach Exposing Patient Data
- data breach | ManoMano Data Breach Exposes 38 Million Customer Records via Subcontractor Compromise
- data breach | The Grand Hotel Taipei Warns of Potential Data Breach After Network Breach
- data breach | Cegedim Santé Cyberattack Exposes Data of 15 Million French Citizens
- data breach | Greater Pittsburgh Orthopedic Associates Reports Data Breach
- data breach | Optimizely Confirms Data Breach Following Vishing Attack
- data breach | Apex Spine and Neurosurgery Reports Ransomware Attack, Data Breach
- data breach | MediMap Health Platform Breach Leads to Patient Data Manipulation
- data breach | QualDerm Partners Investigates Data Breach Involving Patient Health Information
- ransomware | UFP Technologies Reports Data Theft Following Cyberattack
- ransomware | INC Ransomware Gang Claims Attack on Air Côte d'Ivoire
- ransomware | Everest Ransomware Group Breaches Vikor Scientific via Third-Party Supplier
- ransomware | Ngong Ping 360 Reports Ransomware Attack and Data Breach