North America
X platform
The major social media platform X, formerly known as Twitter, experienced significant disruptions on Monday, February 16, with two separate outages affecting users worldwide.
In two distinct waves, more than 65,000 users reported issues on the Elon Musk-owned platform. The first disruption occurred in the morning, generating more than 40,000 user-submitted problem reports on the tracking site Downdetector. Service appeared to stabilize before a second wave hit in the afternoon, triggering another 25,000 reports.
Users reported difficulty accessing timelines and loading content on both the desktop website and mobile app. The issues were widespread but intermittent, with service reportedly restored by 2 PM ET.
SourceHow it could affect your business
While there are no confirmed reports linking these outages to a cyberattack, large social media platforms like X are frequently targeted by distributed denial-of-service (DDoS) attacks designed to overwhelm systems and disrupt access. In March 2025, a major attack caused significant service interruptions on X, highlighting how quickly platform stability can be affected. Users should remain cautious during outages, avoid clicking on suspicious links that claim to explain disruptions and verify updates through official channels.
United States
BridgePay Network Solutions
A ransomware attack on third-party payment processing vendor BridgePay Network Solutions is causing ripple effects across the U.S., disrupting payments for numerous public and private sector entities in several cities.
On February 6, BridgePay notified the public of a systemwide service disruption caused by a ransomware attack. As a back-end payment gateway integrated into billing systems for government agencies, utilities and private businesses, the outage impacted multiple organizations, with many informing customers that they are temporarily unable to accept card payments.
BridgePay said it is working with cybersecurity professionals and U.S. authorities, including the FBI and the U.S. Secret Service forensic team, to investigate the incident. According to the latest reports, no payment card data has been compromised, and any data potentially accessed by attackers was encrypted.
SourceHow it could affect your business
Incidents involving third-party vendors can quickly disrupt operations for organizations that rely on them for critical services. To reduce exposure, organizations should assess vendor security controls, build redundancy into key systems and maintain tested business continuity and disaster recovery (BCDR) plans so they can continue serving customers even if a service provider is taken offline.
North America
Major financial institutions
A broad phishing campaign dubbed Operation DoppelBrand has been targeting major financial institutions, including Wells Fargo, USAA, Navy Federal Credit Union and Citibank, as well as other Fortune 500 companies.
The sophisticated campaign, attributed to a financially motivated threat actor known as GS7, has reportedly targeted these organizations and their customers for years. Researchers say the operation marks a significant evolution in credential theft tactics, with attackers closely mimicking legitimate login portals and replicating official branding with striking accuracy. In recent months alone, the group has registered more than 150 malicious domains to support the campaign.
Beyond financial institutions, the campaign has also targeted organizations in the technology, healthcare and telecommunications sectors, broadening its potential impact across multiple industries.
SourceHow it could affect your business
Phishing campaigns continue to grow in both complexity and frequency, with threat actors using advanced techniques to deceive even cautious users. As these tactics evolve, businesses must strengthen their defenses by combining advanced email security controls with technologies such as generative AI (GenAI) to detect impersonation patterns and emerging threats more effectively. Ongoing user awareness training also remains critical, helping employees and customers recognize suspicious messages before credentials are exposed.
Europe
Odido
The largest mobile phone operator in the Netherlands, Odido, revealed a major data breach affecting nearly 6.2 million customers.
Last week, Odido confirmed a cyberattack that impacted its customer contact system. While core operational services were not disrupted, the compromised data includes names, home and email addresses, international bank account numbers, dates of birth and passport and driving license numbers. The company said no passwords, call records or billing information were accessed.
The nature of the exposed information raises concerns that threat actors could use it to run convincing spear-phishing campaigns or attempt identity fraud using verified personal and financial details.
SourceHow it could affect your business
Many organizations do not treat their contact and support platforms as critical infrastructure. Yet these systems often house large volumes of sensitive customer data, making them attractive targets for cybercriminals. When exposed, this information can be weaponized for phishing campaigns and social engineering attacks, allowing threat actors to craft highly convincing messages that increase the risk of fraud and identity misuse.
North America
Google Chrome
Last Friday, February 13, Google released security updates for its Chrome browser to fix a security flaw, marking the browser’s first reported zero-day vulnerability of 2026.
The flaw, tracked as CVE-2026-2441 and assigned a high CVSS score of 8.8, stems from a use-after-free bug in Chrome’s CSS handling. This vulnerability could allow a remote attacker to execute arbitrary code within the browser’s sandbox by tricking a user into visiting a specially crafted HTML page. In practice, a malicious webpage alone could be enough to trigger code execution inside a victim’s browser.
Google has not disclosed details about how the vulnerability is being exploited in the wild, who may be behind the attacks or which users may have been targeted.
SourceHow it could affect your business
This incident highlights how browser-based flaws remain attractive targets for malicious actors, as browsers are widely installed and expose a broad attack surface across organizations and home users alike. For optimal protection, users should update Google Chrome to version 145.0.7632.75 or 145.0.7632.76 for Windows and macOS, and to version 144.0.7559.75 for Linux. To ensure the latest updates are installed, navigate to More > Help > About Google Chrome and select Relaunch after the update is applied.
