In this roundup, Tony looks at how opportunistic threat actors are taking advantage of weak authentication, unmanaged exposure, and popular AI tools
28 Feb 2026
With the second month of 2026 (almost) behind us, it’s time for ESET Chief Security Evangelist Tony Anscombe to look at cybersecurity stories that moved the needle and offered vital lessons over the past four weeks. Here’s Tony’s rundown of some of what stood out in February 2026:
- Threat actors misused commercial generative AI tools to compromise more than 600 FortiGate devices located in 55 countries. Rather than specific vulnerabilities, the attacks exploited exposed management ports and weak credentials without two-factor authentication, according to Amazon Threat Intelligence.
- More evidence of bad actors taking advantage of GenAI services was provided by ESET researchers this week after they uncovered PromptSpy, the first known case of Android malware abusing generative AI for context-aware user interface manipulation.
- The FBI has warned ATM operators about an increase in malware-fueled jackpotting attacks in U.S. where criminals trick cash machines into spitting out large amounts of cash,
- The security industry has also been busy digesting a report that Poland’s CERT published at the very end of January and that took a deep dive into recent cyberattacks at more than 30 organizations operating in critical infrastructure sectors. ESET researchers analyzed a wiper and shared other technical details about an incident aimed at an energy company as part of the attacks.
What are some of the lessons businesses should take away from these incidents? Watch the video to learn more and be sure to check out the January 2026 edition of Tony’s monthly security news roundup for more insights.
