Hey there, folks! Let’s dive into some intriguing cybersecurity insights with ESET’s very own Chief Security Evangelist, Tony Anscombe. This month, Tony sheds light on how cybercriminals are exploiting weak security measures, unmanaged exposures, and the widespread use of AI tools.
28 Feb 2026
As we bid farewell to the second month of 2026, Tony Anscombe reflects on the cybersecurity narratives that have captured our attention and imparted valuable lessons. Here’s a glimpse of what caught Tony’s eye in February 2026:
- Cyber threat actors leveraged commercial generative AI tools to compromise over 600 FortiGate devices across 55 countries. These attacks didn’t exploit specific vulnerabilities but rather targeted exposed management ports and weak credentials lacking two-factor authentication, as highlighted by Amazon Threat Intelligence.
- ESET researchers uncovered PromptSpy, an Android malware instance that represents the inaugural case of malicious software abusing generative AI for context-aware user interface manipulation.
- The FBI’s recent alert to ATM operators warns of a surge in jackpotting attacks fueled by malware in the U.S., where criminals manipulate cash machines to dispense large sums of cash.
- The cybersecurity community is abuzz with Poland CERT’s report that delves into recent cyber incidents at critical infrastructure organizations. ESET’s analysis of a wiper and other technical insights shed light on an attack targeting an energy company as part of these incidents.
What lessons can businesses glean from these events? Tune into the video for deeper insights and don’t forget to explore Tony’s January 2026 security news roundup for further enlightenment.
