Mathew J Schwartz
@mathewjschwartz.bsky.social
Cybersecurity reporter
Privacy audit finds Utah child welfare and health data at risk www.databreachtoday.com/privacy-audi...
www.databreachtoday.com
February 14, 2026 at 2:28 PM
Privacy audit finds Utah child welfare and health data at risk www.databreachtoday.com/privacy-audi...
A slew of amendments to European tech regulations touted by the European Commission as necessary for boosting continental competitiveness is receiving pushback from privacy watchdogs unhappy with changes that could water down EU privacy laws. www.databreachtoday.com/eu-privacy-w...
www.databreachtoday.com
February 14, 2026 at 11:19 AM
A slew of amendments to European tech regulations touted by the European Commission as necessary for boosting continental competitiveness is receiving pushback from privacy watchdogs unhappy with changes that could water down EU privacy laws. www.databreachtoday.com/eu-privacy-w...
Weekly Cryptohack Roundup
—Fat thumb? No, Bithumb error to the tune of $43 billion
—20-year sentence over a $73 million Cambodia scam center fraud
—SBF seeks new trial
—Inside Epstein's early crypto investments
—Probed: Trump-linked crypto deal
www.databreachtoday.com/cryptohack-r...
—Fat thumb? No, Bithumb error to the tune of $43 billion
—20-year sentence over a $73 million Cambodia scam center fraud
—SBF seeks new trial
—Inside Epstein's early crypto investments
—Probed: Trump-linked crypto deal
www.databreachtoday.com/cryptohack-r...
Cryptohack Roundup: 20 Years for $73 Million Scam
This week, a 20-year sentence in a $73 million scam, SafeMoon CEO got eight years for fraud, Sam Bankman-Fried sought a new trial, Epstein's early crypto
www.databreachtoday.com
February 14, 2026 at 8:52 AM
Weekly Cryptohack Roundup
—Fat thumb? No, Bithumb error to the tune of $43 billion
—20-year sentence over a $73 million Cambodia scam center fraud
—SBF seeks new trial
—Inside Epstein's early crypto investments
—Probed: Trump-linked crypto deal
www.databreachtoday.com/cryptohack-r...
—Fat thumb? No, Bithumb error to the tune of $43 billion
—20-year sentence over a $73 million Cambodia scam center fraud
—SBF seeks new trial
—Inside Epstein's early crypto investments
—Probed: Trump-linked crypto deal
www.databreachtoday.com/cryptohack-r...
AI-generated malware exploits React2Shell and hits 91 hosts, mining a very small profit in Monero
www.databreachtoday.com/ai-generated...
www.databreachtoday.com/ai-generated...
www.databreachtoday.com
February 13, 2026 at 5:44 PM
AI-generated malware exploits React2Shell and hits 91 hosts, mining a very small profit in Monero
www.databreachtoday.com/ai-generated...
www.databreachtoday.com/ai-generated...
Risk management: Should CISOs plan for government as an adversary?
www.databreachtoday.com/blogs/should...
www.databreachtoday.com/blogs/should...
www.databreachtoday.com
February 13, 2026 at 2:28 PM
Risk management: Should CISOs plan for government as an adversary?
www.databreachtoday.com/blogs/should...
www.databreachtoday.com/blogs/should...
Here's a new data theft gang for the health sector to lose sleep over: 'Insomnia,' which appears to have a penchant for hitting healthcare entities
www.databreachtoday.com/new-data-the...
www.databreachtoday.com/new-data-the...
www.databreachtoday.com
February 13, 2026 at 11:19 AM
Here's a new data theft gang for the health sector to lose sleep over: 'Insomnia,' which appears to have a penchant for hitting healthcare entities
www.databreachtoday.com/new-data-the...
www.databreachtoday.com/new-data-the...
Weekly Data Breach Roundup
—CISA warned energy operators after a cyberattack struck Poland's power sector
—Germany flagged Signal phishing
—Russia granted asylum to a Spanish hacker
—ZeroDayRAT targeted Android and iOS devices
+more
www.databreachtoday.com/breach-round...
—CISA warned energy operators after a cyberattack struck Poland's power sector
—Germany flagged Signal phishing
—Russia granted asylum to a Spanish hacker
—ZeroDayRAT targeted Android and iOS devices
+more
www.databreachtoday.com/breach-round...
February 13, 2026 at 10:39 AM
Weekly Data Breach Roundup
—CISA warned energy operators after a cyberattack struck Poland's power sector
—Germany flagged Signal phishing
—Russia granted asylum to a Spanish hacker
—ZeroDayRAT targeted Android and iOS devices
+more
www.databreachtoday.com/breach-round...
—CISA warned energy operators after a cyberattack struck Poland's power sector
—Germany flagged Signal phishing
—Russia granted asylum to a Spanish hacker
—ZeroDayRAT targeted Android and iOS devices
+more
www.databreachtoday.com/breach-round...
All hail MAX, Russia's state-owned messenger. www.reuters.com/technology/r...
www.reuters.com
February 13, 2026 at 8:52 AM
All hail MAX, Russia's state-owned messenger. www.reuters.com/technology/r...
Norway says China-linked "Salt Typhoon" hackers hit vulnerable systems
www.databreachtoday.com/norway-says-...
www.databreachtoday.com/norway-says-...
www.databreachtoday.com
February 12, 2026 at 5:44 PM
Norway says China-linked "Salt Typhoon" hackers hit vulnerable systems
www.databreachtoday.com/norway-says-...
www.databreachtoday.com/norway-says-...
Billing services firm notifying medical lab patients of hack
www.databreachtoday.com/billing-serv...
www.databreachtoday.com/billing-serv...
Billing Services Firm Notifying Medical Lab Patients of Hack
A revenue cycle management software firm is notifying an undisclosed number of patients of several medical diagnostic labs that their sensitive information,
www.databreachtoday.com
February 12, 2026 at 2:28 PM
Billing services firm notifying medical lab patients of hack
www.databreachtoday.com/billing-serv...
www.databreachtoday.com/billing-serv...
EU approves $32B Google-Wiz purchase after antitrust review by European Commission, which rejected claims of reduced multi-cloud competition
www.databreachtoday.com/eu-approves-...
www.databreachtoday.com/eu-approves-...
www.databreachtoday.com
February 12, 2026 at 11:19 AM
EU approves $32B Google-Wiz purchase after antitrust review by European Commission, which rejected claims of reduced multi-cloud competition
www.databreachtoday.com/eu-approves-...
www.databreachtoday.com/eu-approves-...
Microsoft is touting changes to Windows meant to ensure better runtime security and user prompts when apps access sensitive desktop resources such as files, a camera or microphone.
www.databreachtoday.com/microsoft-be...
www.databreachtoday.com/microsoft-be...
www.databreachtoday.com
February 12, 2026 at 8:52 AM
Microsoft is touting changes to Windows meant to ensure better runtime security and user prompts when apps access sensitive desktop resources such as files, a camera or microphone.
www.databreachtoday.com/microsoft-be...
www.databreachtoday.com/microsoft-be...
Fake out: '0APT' data-leak ransomware group branded a scam
www.databreachtoday.com/fake-out-0ap...
www.databreachtoday.com/fake-out-0ap...
Fake Out: 0APT Data-Leak Ransomware Group Branded a Scam
Newcomer ransomware group 0APT is being branded a "likely scam operation," not least after a list of over 200 supposed victims turned out to be bogus, if
www.databreachtoday.com
February 11, 2026 at 5:44 PM
Fake out: '0APT' data-leak ransomware group branded a scam
www.databreachtoday.com/fake-out-0ap...
www.databreachtoday.com/fake-out-0ap...
Google warns of 'relentless' cyber siege on US defense sector
www.databreachtoday.com/google-warns...
www.databreachtoday.com/google-warns...
Google Warns of 'Relentless' Cyber Siege on Defense Industry
A new report from Google Threat Intelligence Group warns that state-backed hackers are escalating attacks on the defense industrial base, shifting from classic
www.databreachtoday.com
February 11, 2026 at 2:28 PM
Google warns of 'relentless' cyber siege on US defense sector
www.databreachtoday.com/google-warns...
www.databreachtoday.com/google-warns...
Trying to write ransomware, using AI, in a bid to get rich? Don’t bet the farm, says security expert Candid Wüest.
www.databreachtoday.com/interviews/w...
www.databreachtoday.com/interviews/w...
Writing Ransomware Using AI to Get Rich? Don't Bet the Farm
Attackers that want to use artificial intelligence tools to build ransomware or help run their cyber operations risk getting much less than they bargained for, said
www.databreachtoday.com
February 11, 2026 at 11:19 AM
Trying to write ransomware, using AI, in a bid to get rich? Don’t bet the farm, says security expert Candid Wüest.
www.databreachtoday.com/interviews/w...
www.databreachtoday.com/interviews/w...
CVE ecosystem changes: Feds signal shift in vulnerability oversight, with a pivot toward a more risk-based approach.
www.databreachtoday.com/feds-signal-...
www.databreachtoday.com/feds-signal-...
Feds Signal Shift in Vulnerability Oversight
The National Institute of Standards and Technology is preparing to shift its role in the globally adopted vulnerability tracking ecosystem to a risk-based model
www.databreachtoday.com
February 10, 2026 at 8:52 AM
CVE ecosystem changes: Feds signal shift in vulnerability oversight, with a pivot toward a more risk-based approach.
www.databreachtoday.com/feds-signal-...
www.databreachtoday.com/feds-signal-...
Banks face dual authentication crisis from AI agents: experts advise moving from verifying identities to knowing agent intentions
www.databreachtoday.com/banks-face-d...
www.databreachtoday.com/banks-face-d...
Banks Face Dual Authentication Crisis From AI Agents
Financial institutions are rushing to deploy AI agents capable of autonomously initiating transactions, approving payments and freezing accounts in real time. But
www.databreachtoday.com
February 9, 2026 at 5:44 PM
Banks face dual authentication crisis from AI agents: experts advise moving from verifying identities to knowing agent intentions
www.databreachtoday.com/banks-face-d...
www.databreachtoday.com/banks-face-d...
Can a Cardiac Pacemaker Help Find a Missing Person? www.healthcareinfosecurity.com/a-cardiac-pa...
Can a Cardiac Pacemaker Help Find a Missing Person?
As law enforcement investigate the abduction of 84-year-old Nancy Guthrie, medical device cyber experts cast doubt on whether her pacemaker might lead authorities
www.healthcareinfosecurity.com
February 9, 2026 at 2:28 PM
Can a Cardiac Pacemaker Help Find a Missing Person? www.healthcareinfosecurity.com/a-cardiac-pa...
Bug hunting with LLMs: 'Vulnhalla' seeks more more 'true' flaws. Open source tool promises 'up to 96% reduction in false positives,'
www.databreachtoday.com/bug-hunting-...
www.databreachtoday.com/bug-hunting-...
Bug Hunting With LLMs: Expert Tool Seeks More 'True' Flaws
Using large language models to automatically identify only real code vulnerabilities - not false positives - remains a holy grail. Eschewing a moonshot approach, a
www.databreachtoday.com
February 9, 2026 at 11:28 AM
Bug hunting with LLMs: 'Vulnhalla' seeks more more 'true' flaws. Open source tool promises 'up to 96% reduction in false positives,'
www.databreachtoday.com/bug-hunting-...
www.databreachtoday.com/bug-hunting-...
Microsoft urges users to please, finally, really now ditch NTLM authentication. Seeking to add urgency, Mandiant publishes rainbow tables for NTLM key hashes ("look ma, it's really not safe").
www.databreachtoday.com/microsoft-ur...
www.databreachtoday.com/microsoft-ur...
Microsoft Urges Users to Finally Ditch NTLM Authentication
For nearly 30 years, security experts have warned organizations to ditch the weak NTLM authentication protocol in Windows. But its use persists, even amidst easy
www.databreachtoday.com
February 7, 2026 at 8:52 AM
Microsoft urges users to please, finally, really now ditch NTLM authentication. Seeking to add urgency, Mandiant publishes rainbow tables for NTLM key hashes ("look ma, it's really not safe").
www.databreachtoday.com/microsoft-ur...
www.databreachtoday.com/microsoft-ur...
Weekly Cryptohack Roundup:
—Hacked: Step Finance and CrossCurve
—US sanctions UK-registered exchanges over Iran ties
—Forfeiture finalization of funds linked to Helix
—Coinbase data breach
—2025's illicit crypto flows
—UK regulator bans Coinbase ads
www.databreachtoday.com/cryptohack-r...
—Hacked: Step Finance and CrossCurve
—US sanctions UK-registered exchanges over Iran ties
—Forfeiture finalization of funds linked to Helix
—Coinbase data breach
—2025's illicit crypto flows
—UK regulator bans Coinbase ads
www.databreachtoday.com/cryptohack-r...
Cryptohack Roundup: Step Finance, CrossCurve Exploits
This week, Step Finance and CrossCurve hacks, the United States sanctioned U.K.-registered exchanges over Iran ties, forfeiture finalization of funds linked to
www.databreachtoday.com
February 6, 2026 at 5:44 PM
Weekly Cryptohack Roundup:
—Hacked: Step Finance and CrossCurve
—US sanctions UK-registered exchanges over Iran ties
—Forfeiture finalization of funds linked to Helix
—Coinbase data breach
—2025's illicit crypto flows
—UK regulator bans Coinbase ads
www.databreachtoday.com/cryptohack-r...
—Hacked: Step Finance and CrossCurve
—US sanctions UK-registered exchanges over Iran ties
—Forfeiture finalization of funds linked to Helix
—Coinbase data breach
—2025's illicit crypto flows
—UK regulator bans Coinbase ads
www.databreachtoday.com/cryptohack-r...
Weekly Data Breach Roundup:
—Italy blocks Russian cyberattacks targeting Olympics
—Actively exploited flaws in SolarWinds, Ivanti, Office
—Russia ramps up espionage in Europe/Ukraine
—U.S. judge sentences the operator of a major darkweb drug marketplace.
www.databreachtoday.com/breach-round...
—Italy blocks Russian cyberattacks targeting Olympics
—Actively exploited flaws in SolarWinds, Ivanti, Office
—Russia ramps up espionage in Europe/Ukraine
—U.S. judge sentences the operator of a major darkweb drug marketplace.
www.databreachtoday.com/breach-round...
Breach Roundup: Italy Thwarts Russian Olympic Hacks
This week, Italy blocked Russian cyberattacks targeting the Olympics. Flaws in SolarWinds, Ivanti and Microsoft Office. Russia's APT28 ramped up attacks in Ukraine,
www.databreachtoday.com
February 6, 2026 at 2:28 PM
Weekly Data Breach Roundup:
—Italy blocks Russian cyberattacks targeting Olympics
—Actively exploited flaws in SolarWinds, Ivanti, Office
—Russia ramps up espionage in Europe/Ukraine
—U.S. judge sentences the operator of a major darkweb drug marketplace.
www.databreachtoday.com/breach-round...
—Italy blocks Russian cyberattacks targeting Olympics
—Actively exploited flaws in SolarWinds, Ivanti, Office
—Russia ramps up espionage in Europe/Ukraine
—U.S. judge sentences the operator of a major darkweb drug marketplace.
www.databreachtoday.com/breach-round...
US cybersecurity agency directs federal agencies to update edge devices, including producing detailed inventories. Within 12 to 18 months, all unsupported devices must be decommissioned and replaced with vendor-supported devices that receive security updates.
www.databreachtoday.com/cisa-directs...
www.databreachtoday.com/cisa-directs...
CISA Directs Federal Agencies to Update Edge Devices
U.S. federal agencies have 12 months to start replacing risky network appliances running past their vendor support cutoff date under a directive published Thursday
www.databreachtoday.com
February 6, 2026 at 11:19 AM
US cybersecurity agency directs federal agencies to update edge devices, including producing detailed inventories. Within 12 to 18 months, all unsupported devices must be decommissioned and replaced with vendor-supported devices that receive security updates.
www.databreachtoday.com/cisa-directs...
www.databreachtoday.com/cisa-directs...
Here's good ransomware news: Victims are rebuffing crime groups' mass data theft campaigns.
www.databreachtoday.com/victims-are-...
www.databreachtoday.com/victims-are-...
Victims Are Rebuffing Ransomware Mass Data Theft Campaigns
Once lucrative steal-and-leak campaigns pioneered by Russian ransomware group Clop look set to go the way of the dinosaurs. While an estimated 25% of victims paid a
www.databreachtoday.com
February 5, 2026 at 11:19 AM
Here's good ransomware news: Victims are rebuffing crime groups' mass data theft campaigns.
www.databreachtoday.com/victims-are-...
www.databreachtoday.com/victims-are-...
Cyber extortion group ShinyHunters claimed responsibility for late 2025 attacks against Harvard University and the University of Pennsylvania, leaking what they claimed were more than 2 million records stolen from the two Ivy League schools.
www.databreachtoday.com/harvard-upen...
www.databreachtoday.com/harvard-upen...
Harvard, UPenn Data Leaked in ShinyHunters Shakedown
Harvard University has been named as a victim and doxed by hack-and-leak group ShinyHunters, apparently as a result of the cybercrime group's ongoing "live
www.databreachtoday.com
February 5, 2026 at 9:32 AM
Cyber extortion group ShinyHunters claimed responsibility for late 2025 attacks against Harvard University and the University of Pennsylvania, leaking what they claimed were more than 2 million records stolen from the two Ivy League schools.
www.databreachtoday.com/harvard-upen...
www.databreachtoday.com/harvard-upen...