Medusa‑linked Storm‑1175 conducts fast‑moving attacks that escalate quickly to ransomware, Iran‑linked actors launch widespread password spraying attacks against Microsoft 365 accounts, and more. Here are the latest threats to MSP security.

The Acronis TRU team identified a threat cluster leveraging a customized Adwind (Java RAT) variant with polymorphic characteristics to deliver a ransomware module, tracked as ‘JanaWare.' Analysis of malware samples, infrastructure and telemetry indicates the campaign is likely focused on Turkish users.

Backups were once judged by a single question: Did the job succeed? That is no longer enough. In a ransomware event, the more important question is whether the attacker can delete or change the recovery points before the business starts to recover. Immutable backup storage addresses that exact problem by making a protected backup copy impossible to delete or overwrite for a defined number of days.

CareCloud confirms patient data theft after cyberattack disrupted health care systems, Google issues out‑of‑band patch for yet another Chrome zero day under active exploitation, and more. These are the latest threats to MSP security.

Actively exploited Langflow vulnerability allows attackers to hijack exposed AI workflows, Smart Slider 3 vulnerability exposes sensitive server files on hundreds of thousands of WordPress sites, and more. These are the latest threats to MSP security.

The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis Threat Research Unit (TRU) and Acronis sensors. Figures presented here were gathered in February 2026 and reflect threats that Acronis detected, as well as news stories from the public domain.

Interlock ransomware exploits a zero‑day flaw in Cisco firewall management infrastructure, Marquis confirms ransomware incident that exposed 672,000 individuals and impacted 74 banks, and more. Here are the latest threats to MSP security.