Top 5 Cybersecurity News Stories February 13, 2026

Cybersecurity threats are constantly evolving as threat actors seek access to your data and money. To help you stay secure, we have searched the internet for the top 5 cybersecurity news stories of the week that we think you should be aware of.  No story is too big or small as we look at threats from espionage to security flaws in everyday devices:

1. Microsoft February 2026 Patch Tuesday fixes 6 zero-days, 58 flaws

Microsoft’s February 2026 Patch Tuesday delivers fixes for 58 vulnerabilities, including six zero-days confirmed as actively exploited and three publicly disclosed before patches were available. BleepingComputer notes its count excludes three Microsoft Edge flaws fixed earlier in the month.

Microsoft also rated five issues as Critical, underscoring the urgency for rapid patch deployment. The bulletin breaks down impacts across elevation of privilege, security feature bypass, remote code execution, information disclosure, denial of service, and spoofing categories to help teams prioritize remediation. Microsoft also began a phased rollout of updated Secure Boot certificates, replacing the original 2011 certificates expiring in late June 2026.
Read more on BleepingComputer

2. The Conduent ransomware attack has grown to impact 25 million Americans

TechRepublic reports Conduent’s January 2025 ransomware incident now appears to affect at least 25 million Americans, up from more than 10 million initially disclosed. The article cites a Sept. 30, 2025, SEC filing and related disclosures stating Conduent detected the attack on Jan. 13, 2025, after an operational disruption and that attackers stole more than eight terabytes of data. Exposed information includes Social Security numbers, names, and medical data.

State figures referenced in the report highlight major impact in Oregon (10.5 million) and Texas (15.4 million). Conduent has accrued $25 million in non-recurring expenses related to breach notifications and associated services and expects cyber insurance to cover additional eligible costs.
Read more on TechRepublic

3. UNC1069 Targets Cryptocurrency Sector

Mandiant says it investigated an intrusion against a crypto/DeFi-focused FinTech and attributed it to UNC1069, a North Korea-linked actor active since at least 2018. The attack began with a compromised Telegram account used to build rapport and send a Calendly invite that routed to a spoofed Zoom meeting on attacker infrastructure.

The victim reported seeing an AI-generated “deepfake” CEO video; Mandiant could not independently verify the use of AI models. The caller then pushed a ClickFix-style “audio troubleshooting” script that initiated infection, deploying seven malware families including new tools SILENCELIFT, DEEPBREATH, and CHROMEPUSH to harvest credentials and session tokens.
Read more on Google Cloud Blog

4. Payments platform BridgePay confirms ransomware attack behind outage

BridgePay Network Solutions confirmed a ransomware attack knocked key systems offline and disrupted card-processing services. A Feb. 6 status update cited by BleepingComputer says the company engaged the FBI, U.S. Secret Service, and outside incident-response support.

BridgePay reported initial findings indicating no payment card data was compromised; accessed files were encrypted and there was no evidence of usable data exposure. Monitoring detected degraded performance around 3:29 a.m. before the disruption escalated into a full outage. Affected services included BridgeComm (Gateway API), PayGuardian Cloud API, MyBridgePay virtual terminal and reporting, hosted payment pages, and PathwayLink gateway and boarding portals.
Read more on BleepingComputer

5. CISA orders agencies to patch and replace end-of-life devices, citing active exploitation

CISA ordered federal agencies to address internet-facing “edge” devices that are end-of-support and no longer receiving vendor security updates, citing widespread exploitation by advanced hackers. Nextgov/FCW reports the binding directive gives agencies three months to identify unsupported edge devices, one year to begin removing and replacing them, and 18 months to eliminate them entirely, followed by continuous monitoring to prevent their return.

Agencies must also immediately update any vendor-supported edge devices running end-of-support software to supported versions when doing so won’t disrupt mission operations. CISA said some observed campaigns have ties to nation-state adversaries and urged other organizations to take similar action.
Read more on Nextgov/FCW

At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.

For more information, please contact us now!