---
title: "UFP Cyber Compromise, Marseille Ticket Breach, Google Phishing Campaign , Cybersecurity News [February 23, 2026] | DuoCircle"
description: "UFP Cyber Compromise, Marseille Ticket Breach, Google Phishing Campaign, Cybersecurity News [February 23."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-9-of-2026/"
---

Quick Answer

Week 9, 2026 cyber news: medical device maker UFP Technologies (4,300 staff, \~$600M revenue) discloses a Feb 14 cyber incident affecting label and billing systems with sensitive data exfiltrated (no group has claimed responsibility); 126-year-old Olympique de Marseille reissues all entry as e-tickets after attackers leak staff and supporter data; Kaspersky uncovers a phishing campaign abusing legitimate @google.com Google Tasks notifications to harvest corporate logins via fake employee verification pages; UK Cyber Security Breaches Survey 2025 finds 29% of firms hit by remote/hybrid-work phishing (74% of large, 67% of medium), with December 2025 attempts at an all-time high.

UFP Cyber Compromise, Marseille Ticket Breach, Google Phishing Campaign , Cybersecurity News \[February 23, 2026\]

Your browser does not support the audio element.

[ Download episode](https://media.mailhop.org/duocircle/images/2026/03/UFP-Cyber-Compromise-Marseille-Ticket-Breach-Google-Phishing-Campaign---Cybersecurity-News-February-23-2026.mp3) 

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-9-of-2026%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=UFP%20Cyber%20Compromise%2C%20Marseille%20Ticket%20Breach%2C%20Google%20Phishing%20Campaign%20%2C%20Cybersecurity%20News%20%5BFebruary%2023%2C%202026%5D&url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-9-of-2026%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-9-of-2026%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-9-of-2026%2F&title=UFP%20Cyber%20Compromise%2C%20Marseille%20Ticket%20Breach%2C%20Google%20Phishing%20Campaign%20%2C%20Cybersecurity%20News%20%5BFebruary%2023%2C%202026%5D "Share on Reddit") [ ](mailto:?subject=UFP%20Cyber%20Compromise%2C%20Marseille%20Ticket%20Breach%2C%20Google%20Phishing%20Campaign%20%2C%20Cybersecurity%20News%20%5BFebruary%2023%2C%202026%5D&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-9-of-2026%2F "Share via Email") 

![cybersecurity news](https://media.mailhop.org/duocircle/images/2026/03/spf-permerror-5633.jpg) 

Here are the top 4 recent cyber incidents that kept the security experts on their toes. The renowned medical equipment **manufacturer UFP Technologies** was targeted by threat actors. _On Wednesday, Olympique de Marseille experienced a cyber mishap, after which the authorities decided to reissue e-tickets_. Meanwhile, there has been a sudden spike in phishing attacks on UK organizations. Also, a group of cybercrooks is using @google.com to run a [new phishing campaign](https://thehackernews.com/2026/02/slh-offers-5001000-per-call-to-recruit.html).

## Sensitive data belonging to UFP Technologies has been compromised in a recent cyber incident!

UFP Technologies is an American medical device manufacturing company. It deals in a wide range of **medical equipment** required for orthopedic applications, surgery, implants, and wound care, etc. With an employee base of 4,300 people, the medical equipment manufacturer generates annual revenue of [$600 million.](https://pitchbook.com/profiles/company/41087-98#stock)

On Tuesday, it filed with the **US Securities and Exchange Commission**. The manufacturer noticed malicious activities on its IT systems. This happened back on February 14\. UFP Technologies wasted no time and deployed remediation strategies. It has also been taking advice from external cybersecurity advisors.

According to preliminary results of the investigation, UFP Tech believes the cyber threat has been successfully eliminated. However, the threat actors had already managed to wipe away sensitive data.

[![UFP Technologies](https://media.mailhop.org/duocircle/images/2026/03/spf-permerror-5053.jpg)](https://media.mailhop.org/duocircle/images/2026/03/spf-permerror-5053.jpg)

The [cyber incident](https://www.claimsjournal.com/news/national/2025/10/15/333537.htm) impacted those IT systems that take care of label making and billing for customers. Company-related data has also been compromised.

Experts believe that it was a [ransomware attack](https://www.msspalert.com/news/ingram-micro-working-through-ransomware-attack-by-safepay-group), though no official confirmation has been made yet. Also, no threat group has claimed responsibility for the attack on UFP Technologies so far.

Authorities are also investigating whether or not the **personal data of clients** has been compromised. 

## Olympique de Marseille reissues e-tickets after cyberattack

OM, an almost 126-year-old professional football club, was targeted by a group of [threat actors](/email-security/what-threat-actor-can-do-with-your-emails-without-password/) on Wednesday. The club believes that it was an attempt to break into the **IT systems of the club**. They managed to contain the attack soon. The authorities have assured that passwords and bank data have not been compromised.

Authorities have decided to take additional safety measures. _So physical tickets for a particular match won’t be available. Instead of the physical ticket, the authorities have decided to issue e-tickets for the match_. Without an e-ticket, getting an entry at the stadium is barred. So you need to **download your e-ticket** by logging in and entering your personal details.

A cybercrook has claimed responsibility for the [cyberattack this Monday](https://openthemagazine.com/world/us-issues-lone-wolf-and-cyberattack-alert-amid-operation-epic-fury-strikes-on-iran). They have also leaked a screenshot of the [leaked data](https://cybernews.com/security/billions-credentials-exposed-infostealers-data-leak/) on the dark web. The threat actor has claimed that the stolen data contains sensitive data like **staff and supporter information**.

_Technical teams and other associated service providers did not hesitate to jump into action as soon as they learned of the cyber mishap_. The French football club also stated that all its **operations are running smoothly** without any interferences.

[![cyber awareness](https://media.mailhop.org/duocircle/images/2026/03/spf-record-check-5051.jpg)](https://media.mailhop.org/duocircle/images/2026/03/spf-record-check-5051.jpg)

## Threat actors are misusing Google to run a new phishing campaign, warns Kaspersky!

A new phishing campaign is doing the rounds, which involves legitimate Google Tasks. The actors have been abusing the **@google.com email domain** to go undetected through security mechanisms. Also, using popular names like Google increases credibility.

Kaspersky researchers have discovered this new phishing campaign, which involves cybercrooks misusing Google Tasks notifications in order to gain access to the login credentials of **corporate employees**.

Victims get tricked by a [legitimate-looking Google Tasks notification](https://www.techrepublic.com/article/news-google-notifications-phishing-campaign-email-security/). The subject line of the notification will look like this: “You have a new task.” The notification implies that the organization in which the employee works has started using Google Tasks to streamline internal workflows. _In order to boost the success rate of the phishing campaign, threat actors often use proven tactics like short deadlines, urgency markers, and so on_.

When the victim clicks on such a notification, they get redirected to a [malicious webpage](https://thehackernews.com/2026/02/malicious-chrome-extensions-caught.html) that looks like an **employee verification form**. Here, victims are required to enter their login details in order to verify their employment status. Cybercrooks can then misuse these login credentials to carry out data theft and similar other threat attacks.

Kaspersky has urged users to avoid clicking on any random notification. It is better to verify the details **through official websites**.

[![phishing ](https://media.mailhop.org/duocircle/images/2026/03/spf-record-tester-5052.jpg)](https://media.mailhop.org/duocircle/images/2026/03/spf-record-tester-5052.jpg)

## UK organizations are experiencing a sudden spike in phishing attacks

The remote and hybrid work culture has made employees’ lives a bit easier. But at the same time, it has also increased the risk of cyberattacks. **UK enterprises are currently** facing phishing attacks left, right, and center, especially those involving remote and hybrid work setups.

According to the **Cyber Security Breaches Survey 2025**, around [29% of UK enterprises](https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2025/cyber-security-breaches-survey-2025) have faced one or more phishing attacks over the last year. Each of these cyberattacks was related to hybrid or remote working systems.

It seems that the threat actors are now targeting organizations based on their size. For example, [74%](https://itbrief.co.uk/story/uk-firms-hit-by-surge-in-phishing-tied-to-remote-work) large organizations experienced phishing attempts. The number was limited to 67% when it comes to medium-sized enterprises.

Nasstar findings also clearly show that phishing attacks were at an all-time high in December 2025\. 

[![cybersecurity pulse](https://media.mailhop.org/duocircle/images/2026/03/email-sending-services-6788.jpg)](https://media.mailhop.org/duocircle/images/2026/03/email-sending-services-6788.jpg)

The positive side of this is that employees are actually getting more aware of the cybersecurity situations. Searches around “what is [spear phishing](/content/spear-phishing-prevention) in cybersecurity” increased by a massive 1500%. Similarly, “phishing link checker” **query increased by 600%**. 

_Since remote and hybrid work setup uses collaboration software, cloud storage, file sharing, and similar other tools, threat actors use the vulnerabilities as entry points to exploit credentials and other personal data_.

[Cybersecurity](/) experts suggest that remote workers be extra vigilant while operating online. From notifications to CAPTCHA, everything should be taken with a pinch of salt, as threat actors are becoming more sophisticated with every passing day. It is recommended to practice cyber hygiene regularly. Also, using MFA and **double-checking every message**, email, and notification can safeguard data from the prying eyes of phishing actors.

## Topics

cyber securityNewsSecurityUpdates 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 6m  Microsoft Cybersecurity Transparency, Chrome Update Required, Google Calendar Phishing, Cybersecurity News \[December 23, 2024\]  Jan 2, 2025 ](/blog/announcements/cyber-security-news-update-week-1-of-2025/)[  News 6m  Trust Wallet Hack, Browser Extension Espionage, Unleash Protocol Loss, Cybersecurity News \[December 29, 2025\]  Jan 5, 2026 ](/blog/announcements/cyber-security-news-update-week-1-of-2026/)[  News 7m  Bybit’s $1.5B Loss, FatalRAT Hits APAC, GitVenom Targets Wallets,, Cybersecurity News \[February 24, 2025\]  Mar 3, 2025 ](/blog/announcements/cyber-security-news-update-week-10-of-2025/)[  News 6m  LastPass Users Phished, Amazon Down US, UK Cybersecurity Boost, Cybersecurity News \[March 02, 2026\]  Mar 9, 2026 ](/blog/announcements/cyber-security-news-update-week-10-of-2026/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"UFP Cyber Compromise, Marseille Ticket Breach, Google Phishing Campaign , Cybersecurity News [February 23, 2026]","description":"UFP Cyber Compromise, Marseille Ticket Breach, Google Phishing Campaign, Cybersecurity News [February 23.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-9-of-2026/","datePublished":"2026-03-02T16:39:58.000Z","dateModified":"2026-03-03T18:42:59.000Z","dateCreated":"2026-03-02T16:39:58.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-9-of-2026/"},"articleSection":"announcements","keywords":"cyber security, News, Security, Updates","wordCount":988,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2026/03/spf-permerror-5633.jpg","caption":"cybersecurity news","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"UFP Cyber Compromise, Marseille Ticket Breach, Google Phishing Campaign , Cybersecurity News [February 23, 2026]","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-9-of-2026/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"UFP Cyber Compromise, Marseille Ticket Breach, Google Phishing Campaign , Cybersecurity News [February 23, 2026]","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-9-of-2026/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"UFP Cyber Compromise, Marseille Ticket Breach, Google Phishing Campaign , Cybersecurity News [February 23, 2026]","description":"UFP Cyber Compromise, Marseille Ticket Breach, Google Phishing Campaign, Cybersecurity News [February 23.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-9-of-2026/","datePublished":"2026-03-02T16:39:58.000Z","dateModified":"2026-03-03T18:42:59.000Z","dateCreated":"2026-03-02T16:39:58.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-9-of-2026/"},"articleSection":"announcements","keywords":"cyber security, News, Security, Updates","wordCount":988,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2026/03/spf-permerror-5633.jpg","caption":"cybersecurity news","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```