Bitdefender announced the release of its Bitdefender Threat Debrief | February 2026, a monthly intelligence report designed to help organizations track emerging ransomware activity, attacker tactics, and shifting victimology using a blend of OSINT and observed data-leak-site (DLS) trends.
The February Threat Debrief analyzes ransomware claims posted between January 1–31 and records 831 claimed victims, representing nearly 10% growth compared to the same period the prior year.
Key findings and highlights from the February 2026 Threat Debrief
- 0APT’s rapid “victim” surge raises red flags: The debrief spotlights 0APT, a previously unknown group that claimed 91 victims in two days—a pace Bitdefender notes is suspicious for a new entrant and may be explained by factors such as inaccurate infection polling from sandbox environments rather than verified compromises.
- Notepad++ compromise used in targeted attacks: Bitdefender highlights reports that compromised Notepad++ updates have been used to target organizations in Asia and Central America, with potential impact dating back to June 2025 and affecting versions preceding 8.9.1.
- Healthcare data extortion escalates: The report notes FulCrumSec’s claimed responsibility for a healthcare breach impacting 160,000+ ID-linked individuals and close to a million exposed patients, including exposure of sensitive patient data.
- Ransomware ecosystem shifts: The debrief also covers Clop’s return to the “Top 10” list (including 90 claimed victims in January) and the reported disruption of the RAMP forum following an FBI-led operation.
- Operational reality check from MDR: Bitdefender’s MDR incident insights emphasize that modern ransomware incidents are increasingly credential-led and tool-driven, underscoring the need for proactive detection of credential dumping, privilege escalation, lateral movement, and remote tool abuse.
Read the report
The full February 2026 edition is available here: Bitdefender Threat Debrief | February 2026. Organizations looking to strengthen prevention, detection, and response can learn more about Bitdefender’s enterprise cybersecurity solutions.
About Bitdefender
Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide. Guardian over millions of consumers, enterprises, and government environments, Bitdefender is one of the industry’s most trusted experts for eliminating threats, protecting privacy, digital identity and data, and enabling cyber resilience. With deep investments in research and development, Bitdefender Labs discovers hundreds of new threats each minute and validates billions of threat queries daily. The company has pioneered breakthrough innovations in antimalware, IoT security, behavioral analytics, and artificial intelligence and its technology is licensed by more than 180 of the world’s most recognized technology brands. Founded in 2001, Bitdefender has customers in over 170 countries with offices around the world. For more information, visit www.bitdefender.com.
