NEWS ROUNDUP – 25th February 2026

Australia’s ACSC released Azul, an open-source malware analysis tool, as defenders tracked vishing-driven access at Optimizely and extortion claims hitting Wynn Resorts and Air Côte d’Ivoire. Researchers detailed a GitHub Copilot prompt-injection chain and an NPM supply-chain campaign dubbed Sandworm_Mode. Spain arrested Anonymous Fénix suspects, while U.S. Treasury sanctioned a bulletproof hosting provider. NIST updated CSF guidance; CarGurus disclosed breach.