Cybersecurity 23 February 2026 - 21 May 2026

Rapid7 Slides After Hours on Guidance Figure

Rapid7 Slides After Hours on Guidance Figure

• Rapid7 ended the day off 1.1% at $7.19, after shares moved between $7.08 and $7.48.• The stock underperformed as the broader tech sector found strength. The Nasdaq-100 ETF QQQ was up 1.8% late.• Next time investors hear from Rapid7 management will be June 2, when the company is on the agenda at William Blair’s growth stock conference. Rapid7 Inc. ended Tuesday at $7.19, off 1.1%, with sellers sticking around after the cybersecurity group put out a weaker outlook for 2026 and analysts trimmed price targets. The close put Rapid7's market cap near $483 million.
May 26, 2026
CSP Inc. trades around ex-dividend date; small Nasdaq cybersecurity name stays in focus

CSP Inc. trades around ex-dividend date; small Nasdaq cybersecurity name stays in focus

CSP Inc. shares edged higher Thursday after the company went ex-dividend. The tech and cybersecurity group, which is listed on the Nasdaq, reported a quarterly profit earlier this month. The stock was at $9.51 at 10:44 a.m. ET, up 9 cents for the day so far, market data showed. Trading was thin, with only 1,949 shares exchanged. The market cap is close to $92.4 million, so low volumes and small trades can swing the price.
May 21, 2026
Microsoft Defender Zero-Day Attacks Hit Windows as Two Flaws Remain Unpatched

Microsoft Defender Zero-Day Attacks Hit Windows as Two Flaws Remain Unpatched

REDMOND, Washington, April 18, 2026, 09:31 PDT Three fresh Microsoft Defender vulnerabilities have already been put to work by attackers, raising alarm over public exploit code that flips a core Windows security tool into a threat itself. Huntress analysts spotted BlueHammer, RedSun, and UnDefend binaries stashed in a user’s Pictures and Downloads directories—these files appeared after the initial breach, traced back to a FortiGate VPN.
April 18, 2026
New Chrome Privacy Reports Raise Fingerprinting Fears as Edge, Firefox and Brave Offer Built-In Defenses

New Chrome Privacy Reports Raise Fingerprinting Fears as Edge, Firefox and Brave Offer Built-In Defenses

Google Chrome is facing renewed privacy questions after a series of reports Friday pointed out the browser still doesn't have native protections against browser fingerprinting—a tracking tactic that picks up on details like fonts, screen size, and graphics hardware to identify users. According to The Register, which referenced privacy consultant Alexander Hanff, Chrome remains vulnerable to “at least thirty distinct fingerprinting techniques.” Timing is key here—Chrome commands 66.7% of the global browser market, per Statcounter’s March data. That kind of reach means any privacy gap, no matter how slim, could impact a massive chunk of web traffic.
April 17, 2026
Fake Windows 11 24H2 Update Warning: Avoid This Lookalike Download as Microsoft Rolls Out April Patch

Fake Windows 11 24H2 Update Warning: Avoid This Lookalike Download as Microsoft Rolls Out April Patch

Redmond, Washington, April 15, 2026, 07:11 PDT Cybersecurity researchers flagged a bogus Windows 11 24H2 update, warning users that a fake Microsoft support page is pushing an installer designed to swipe passwords, payment info, and account credentials, according to Malwarebytes. The warning hit as Microsoft pushed out its legitimate April security update for Windows 11.
April 15, 2026
Microsoft Patches BlueHammer Windows Zero-Day Flaw in Defender After Public Leak

Microsoft Patches BlueHammer Windows Zero-Day Flaw in Defender After Public Leak

Microsoft issued a fix for CVE-2026-33825 on Tuesday, a Microsoft Defender privilege-escalation bug that had been publicly disclosed and linked by security researchers to BlueHammer, the proof-of-concept exploit that surfaced online earlier this month. That patch landed as part of Microsoft’s April Patch Tuesday update, which also included a security fix for SharePoint—CVE-2026-32201. According to Microsoft, attackers had already started exploiting that SharePoint vulnerability. This one’s significant: BlueHammer allowed attackers with existing access to escalate to SYSTEM, the highest level on Windows machines. With public exploit code out before any patch was ready, the debate among researchers quickly took a back seat. Suddenly, every unpatched endpoint faced a real threat.
April 15, 2026
Adobe rushes emergency Acrobat Reader patch after months-long PDF zero-day attacks

Adobe rushes emergency Acrobat Reader patch after months-long PDF zero-day attacks

SAN JOSE, California, April 14, 2026, 10:12 AM PDT Adobe rushed out an emergency fix for Acrobat and Reader, responding to months of real-world attacks leveraging a vulnerability in PDF handling. The company confirmed ongoing exploitation of CVE-2026-34621, releasing patches for Windows and macOS versions. The update applies to Acrobat DC, Acrobat Reader DC, and Acrobat 2024.
April 14, 2026
Comcast Opens Xfinity Data Breach Settlement Claims in $117.5 Million Deal: Who Qualifies Before Aug. 14

Comcast Opens Xfinity Data Breach Settlement Claims in $117.5 Million Deal: Who Qualifies Before Aug. 14

Comcast users hit by the 2023 Xfinity data breach have until Aug. 14 to submit claims for cash or services from a $117.5 million settlement. The final green light on the deal is scheduled for July 7 in federal court in Philadelphia. About 31.6 million people who received breach notifications make up the class. Anyone who can document out-of-pocket expenses and lost time is eligible to claim up to $10,000 per individual; lost time is compensated at $30 per hour, up to a five-hour limit. Others in the class can file for a cash payment, estimated around $50. On top of that, all class members qualify for three years of identity-defense protection, which comes with credit monitoring, dark web surveillance,
April 14, 2026
GTA 6 Studio Rockstar Games Hack Escalates as ShinyHunters Says Stolen Data Will Be Published

GTA 6 Studio Rockstar Games Hack Escalates as ShinyHunters Says Stolen Data Will Be Published

The group responsible for hacking Rockstar Games intends to release the pilfered data online, according to VGC, which referenced the hackers’ remarks to the BBC on Monday. Rockstar, for its part, maintains the hack disclosed only limited, non-material information, adding that players and operations were unaffected. This headache comes at an awkward time for Take-Two Interactive, headquartered in New York. Rockstar’s website still pins Nov. 19, 2026, as the launch date for Grand Theft Auto VI, a release Reuters said in February could generate billions for the company out of the gate.
April 13, 2026
Microsoft Moves to Fix WireGuard, VeraCrypt Account Freeze That Halted Windows Updates

Microsoft Moves to Fix WireGuard, VeraCrypt Account Freeze That Halted Windows Updates

Redmond, Washington, April 9, 2026, 06:12 Microsoft on Thursday said it’s moving to restore access for the developers of WireGuard and VeraCrypt after a sweep through its Windows Hardware Program cut them off from pushing Windows updates. “Should be fixed in a bit,” Microsoft vice president Scott Hanselman posted. VeraCrypt’s Mounir Idrassi said he’s now in touch with the right folks at Microsoft.)
April 9, 2026
Standard Chartered PLC Opens First Global Fusion Centre in Malaysia as Cyber, Fraud Threats Intensify

Standard Chartered PLC Opens First Global Fusion Centre in Malaysia as Cyber, Fraud Threats Intensify

Standard Chartered PLC has launched its first Global Fusion Centre in Malaysia, rolling cyber, fraud, and physical-security monitoring all into a single operation. The aim: react more quickly to increasingly complex threats. The new center is housed within the bank’s Global Business Services hub in Kuala Lumpur. This shift is significant: according to the bank, cybercrime, digital fraud, and physical threats are now bleeding into each other, and siloed control teams have trouble catching the entire attack sequence quickly enough. Standard Chartered says its new center leans on real-time data and AI-based tools to speed up reactions and help keep everything functioning during incidents.
April 6, 2026
Co-op CEO Shirine Khoury-Haq to Step Down as Cyberattack Fallout and Costs Bite

Co-op CEO Shirine Khoury-Haq to Step Down as Cyberattack Fallout and Costs Bite

Shirine Khoury-Haq is leaving her post as Co-op Chief Executive on March 29, ending a four-year stint at the helm. Board member Kate Allum steps in as interim chief while the search for a permanent replacement gets underway. The shakeup follows a challenging period for the British member-owned retailer, including a cyberattack, sluggish sales, and fresh scrutiny over leadership culture. Timing is key here. Co-op reported a 2.3% drop in 2025 revenue to 11 billion pounds, swinging from last year’s 131 million pound profit to a 35 million pound underlying operating loss. The company attributed a 285 million pound revenue shortfall and a 107 million pound profit hit to the cyberattack, and says it’s targeting 200 million pounds in annual
March 26, 2026
Apple iPhone Spyware Alert: New DarkSword Hack Could Still Reach Millions of Unpatched Devices

Apple iPhone Spyware Alert: New DarkSword Hack Could Still Reach Millions of Unpatched Devices

CUPERTINO, California, March 19, 2026, 02:10 PDT. Alphabet’s Google Threat Intelligence Group, along with mobile security outfits iVerify and Lookout, have flagged a fresh iPhone exploit chain they’re calling DarkSword. This one is capable of taking over devices running some iOS 18 builds simply by getting users onto a compromised site. They say the toolkit’s been in play since at least November, surfacing in campaigns linked to Saudi Arabia, Turkey, Malaysia, and Ukraine.
March 19, 2026
Palo Alto Networks widens industrial 5G security push with Siemens as AI factory build-out grows

Palo Alto Networks widens industrial 5G security push with Siemens as AI factory build-out grows

Palo Alto Networks is stepping deeper into industrial security, teaming up with Siemens to debut a new cybersecurity suite targeting private 5G factory networks. Shares of Palo Alto climbed $4.68 during Thursday afternoon trading in the U.S. Private 5G is catching on fast in factories loaded with sensors, robots, and autonomous gear — all tied into networks running entirely on-site, not through traditional carriers. Siemens flagged that a breach in these environments can bring production to a halt or even put workers at risk. On top of that, the EU’s NIS2 directive is clamping down on cybersecurity requirements in 18 key industries.
March 5, 2026
CrowdStrike stock rises as cybersecurity firm flags stronger 2027 revenue outlook

CrowdStrike stock rises as cybersecurity firm flags stronger 2027 revenue outlook

CrowdStrike stock climbed roughly 4% Thursday, following the cybersecurity company's fiscal 2027 revenue forecast—guiding between $5.87 billion and $5.93 billion. For the first quarter, CrowdStrike expects revenue in the $1.36 billion to $1.364 billion range. The outlook comes as investors pick through software names to figure out who can hang onto pricing power in an AI-dominated landscape—and who gets pinched. Even cybersecurity, often considered tech’s safe spot, hasn’t escaped the valuation debate.
March 5, 2026
Coinbase, Microsoft disrupt “Tycoon 2FA” phishing network as crypto rules hit another snag

Coinbase, Microsoft disrupt “Tycoon 2FA” phishing network as crypto rules hit another snag

Coinbase Global Inc announced Wednesday it collaborated with Microsoft and several other partners to take down “Tycoon 2FA,” a phishing operation that sold stolen login credentials by subscription. According to the crypto exchange, it tracked crypto transactions tied to the service, which led to identifying a suspected administrator, reportedly based in Pakistan. The timing isn’t lost on Coinbase. Phishing attacks still find their way into accounts—and then, inevitably, into complaints—even if users have enabled additional login protections.
March 5, 2026
ServiceNow closes Veza deal: the $1.25B identity-security bet tied to AI agents

ServiceNow closes Veza deal: the $1.25B identity-security bet tied to AI agents

ServiceNow wrapped up its purchase of identity security specialist Veza, with the deal closing on March 2. The company plans to integrate Veza’s access controls into its Security and Risk suite, aiming to support customers deploying autonomous “agentic AI” systems. “In the era of agentic AI, every identity — human, AI agent, or machine — is a force for enterprise impact,” said President and COO Amit Zavery in the announcement. Veza, launched in 2020 out of Los Gatos, California, counts nearly 150 enterprise clients and employs 230 people, according to ServiceNow. The timing stands out. ServiceNow has flagged that as companies rush into the cloud and accelerate AI rollouts, identities and permissions are ballooning beyond what most can monitor—leaving a
March 4, 2026
CrowdStrike forecast tops estimates as Q4 results steady nerves after AI-driven cyber stock selloff

CrowdStrike forecast tops estimates as Q4 results steady nerves after AI-driven cyber stock selloff

Austin, Texas—March 4, 2026, 04:30 CST. CrowdStrike Holdings posted a fiscal 2027 revenue forecast that beat analyst estimates on Tuesday, pushing its shares up 1.7% by the close. The company had just reported a 23% jump in quarterly sales, a rare show of steadiness in a jittery sector. After hours, shares gave back 0.8% as trading turned volatile. “Having a software stock trade close to flat post print seems like a good outcome,” Truist Securities analyst Junaid Siddiqui said.
March 4, 2026
1 2 3 4