CYBERCRIME In Other News: Ransomware Shuts US Clinics, ICS Vulnerability Surge, European Parliament Bans AI Other noteworthy stories that might have slipped under the radar: Axonius lays off employees, Abu Dhabi conference data leak, HackerOne addresses AI concerns. By SecurityWeek News | February 20, 2026 (10:30 AM ET) Flipboard Reddit Whatsapp Email SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. Here are this week’s stories: Axonius reduces workforce and transitions leadership Axonius has laid off approximately 40 employees, representing less than 4% of its global staff, with the majority of cuts in marketing and sales. Co-founder Dean Sysman has stepped down from his role as CEO to become executive chairman, with company president Joe Diamond appointed as interim CEO. The workforce adjustment aims to refine the company’s organizational structure and improve operational efficiency as it prepares for a potential IPO. ADVERTISEMENT. SCROLL TO CONTINUE READING. European Parliament disables AI features on official devices The European Parliament has disabled built-in AI features on work-issued devices, such as corporate tablets used by lawmakers and their staff, due to concerns over cybersecurity and data protection. The IT department determined that certain AI capabilities send data to external cloud services for processing, making it impossible to fully guarantee the security of potentially sensitive information. HackerOne revises policy language following concerns over data usage for AI Bug bounty hunters raised questions on social media about whether HackerOne was using their submitted vulnerability reports to train AI models, particularly in connection with the company’s recent Agentic PTaaS platform and its AI system called Hai. In response, HackerOne CEO Kara Sprague stated that the platform does not train generative AI models — internally or via third parties — on researcher submissions or customer confidential data, and that such data is not used to train, fine-tune, or improve generative AI models. The company is updating the language in its Terms and Conditions to more clearly reflect these practices and eliminate potential ambiguity, while emphasizing that its AI tools are intended to complement rather than replace researchers’ work. Sensitive attendee data exposed from Abu Dhabi investment conference A data leak linked to Abu Dhabi Finance Week, held in December, resulted in more than 700 passport scans and state identity card documents being left publicly accessible on an unprotected cloud storage server. The exposed information affected hundreds of high-profile attendees, including politicians and business leaders. The vulnerability, attributed by organizers to a third-party vendor, was identified by a security researcher and promptly secured. Interpol-led cybercrime crackdown in Africa A large-scale multinational operation coordinated by Interpol across multiple African countries has led to the arrest of 651 individuals suspected of involvement in various online scams, including romance fraud, investment fraud, and business email compromise schemes. Authorities recovered approximately $4.3 million in assets believed to be linked to these criminal activities, along with the seizure of electronic devices, vehicles, and other items used in the operations. The effort targeted organized cybercrime networks operating from the continent and aimed to disrupt scam infrastructure. Misconfigured Elasticsearch databases leak tens of millions of sensitive records online SOCRadar’s monitoring service discovered three publicly accessible Elasticsearch instances that lacked proper authentication, exposing over 43 million records in total. The leaked data included large volumes of valid credentials, credit card details, personal information such as names and contact details, infostealer logs with system and payment information, and various customer transaction records. Security researchers analyzed the instances, notified relevant parties, and some of the exposed data was subsequently removed or restricted. University of Mississippi Medical Center shuts down clinics due to ransomware The University of Mississippi Medical Center (UMMC) experienced a ransomware attack that disrupted many of its IT systems, including blocking access to the Epic electronic medical records system. As a result, all clinic locations across Mississippi were closed, with outpatient appointments, ambulatory surgeries, procedures, and imaging services canceled and set to be rescheduled. Hospital and emergency services continued to operate using manual downtime procedures, with no reported impact on inpatient care or equipment functionality. Record ICS vulnerabilities in 2025 Forescout research shows that 2025 recorded a high of 508 ICS advisories from CISA, covering 2,155 vulnerabilities across various products and vendors, marking the first year exceeding 500 advisories. The average severity rose significantly, with a CVSS score of 8.07 and 82% of advisories classified as high or critical. Many vulnerabilities published directly by vendors in 2025 lacked corresponding CISA advisories, creating visibility gaps. Nigerian national sentenced to prison in US A 37-year-old Nigerian man named Matthew A. Akande, who was living in Mexico, was sentenced to eight years in prison in the US for his involvement in a multi-year operation that involved unauthorized access to the computer networks of tax preparation firms in Massachusetts. He and co-conspirators used stolen personally identifiable information to file over 1,000 fraudulent tax returns, resulting in more than $1.3 million in fraudulent refunds obtained from the US government. Akande was ordered to pay approximately $1.4 million in restitution. He was extradited to the United States after his arrest in the United Kingdom. Google strengthens protections across Play Store and Android ecosystem Google prevented more than 1.75 million policy-violating apps from being published on Google Play and banned over 80,000 developer accounts attempting to distribute harmful applications during 2025. The company integrated generative AI into the review process for better detection of malicious patterns, blocked excessive data access in over 255,000 apps, and stopped 160 million spam ratings and reviews. Google Play Protect last year expanded its scanning to over 350 billion Android apps daily, and identified more than 27 million new malicious apps from outside sources. Related: In Other News: Google Looks at AI Abuse, Trump Pauses China Bans, Disney’s $2.7M Fine Related: In Other News: Record DDoS, Epstein’s Hacker, ESET Product Vulnerabilities WRITTEN BY SecurityWeek News More from SecurityWeek News VulnCheck Raises $25 Million in Series B Funding to Scale Vulnerability Intelligence In Other News: Google Looks at AI Abuse, Trump Pauses China Bans, Disney’s $2.7M Fine Webinar Today: Identity Under Attack – Strengthen Your Identity Defenses GitGuardian Raises $50 Million for Secrets and Non-Human Identity Security Vega Raises $120M in Series B Funding to Grow Security Analytics Platform In Other News: Record DDoS, Epstein’s Hacker, ESET Product Vulnerabilities In Other News: Paid for Being Jailed, Google’s $68M Settlement, CISA Chief’s ChatGPT Leak In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice Latest News BeyondTrust Vulnerability Exploited in Ransomware Attacks FBI: $20 Million Losses Caused by 700 ATM Jackpotting Attacks in 2025 Chip Testing Giant Advantest Hit by Ransomware PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence French Government Says 1.2 Million Bank Accounts Exposed in Breach Nearly 1 Million User Records Compromised in Figure Data Breach Venice Security Emerges From Stealth With $33M Funding for Privileged Access Management Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025 TRENDING Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration German Rail Giant Deutsche Bahn Hit by Large-Scale DDoS Attack New Keenadu Android Malware Found on Thousands of Devices Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage Group French Government Says 1.2 Million Bank Accounts Exposed in Breach Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025 Password Managers Vulnerable to Vault Compromise Under Malicious Server Nearly 1 Million User Records Compromised in Figure Data Breach Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Identity Under Attack: Why Every Business Must Respond Now February 11, 2026 Attendees will walk away with guidance for how to build robust identity defenses, unify them under a consistent security model, and ensure business operations move quickly without compromise. Register Virtual Event: Ransomware Resilience & Recovery 2026 Summit February 25, 2026 SecurityWeek’s 2026 Ransomware Summit will discuss a roadmap for defending the enterprise, from mitigating root causes to mastering recovery, giving security teams the critical insights needed to navigate and neutralize today’s ransomware extortion threats. Submit PEOPLE ON THE MOVE Yuneeb Khan has been named Chief Financial Officer of KnowBe4, succeeding Bob Reich, who is retiring. Cyera has appointed Brandon Sweeney as President, Shira Azran as Chief Legal Officer and Joseph Iantosca a