Cyberweapons assisted US strikes on Iranian nuclear facilities.

Summary

By the CyberWire staff

Cyberweapons assisted US strikes on Iranian nuclear facilities.

The Record reports that the US military used cyber capabilities to disrupt Iranian air missile defense systems during last year's US strikes on Iran's nuclear sites. An anonymous source familiar with the operation said, "Military systems often rely on a complex series of components, all working correctly. A vulnerability or weakness at any point can be used to disrupt the entire system." US operators, assisted by intelligence from the NSA, targeted an "Achilles heel" that prevented Iran from launching surface-to-air missiles at the American bombers.

The sources didn't elaborate on the specifics of the attack. A Cyber Command spokesperson told the Record, "US Cyber Command was proud to support Operation Midnight Hammer and is fully equipped to execute the orders of the Commander-in-Chief and the Secretary of War at any time and in any place."

Secure enterprise AI with Glean and Palo Alto Networks, live on Feb 26

Security leaders are under pressure to move fast on AI while keeping firm control over risk. On February 26 at 10:30 AM PT, join security leaders from Glean and Palo Alto Networks for a live fireside chat on securing enterprise AI. Learn what to secure across the AI lifecycle—from models and data to agents—and the practical guardrails Security should own to reduce risk without slowing the business.

ShinyHunters extortion group publishes data allegedly stolen from Harvard and UPenn.

The ShinyHunters extortion group has published data allegedly stolen from Harvard University and the University of Pennsylvania, TechCrunch reports. Both schools disclosed data breaches in November 2025 after falling victim to social engineering attacks. The ShinyHunters say they've published the data because the universities refused to pay a ransom.

UPenn is analyzing the leaked data, while Harvard hasn't responded to a request for comment. TechCrunch says the data appears to match the information that the universities said was stolen, which included personal information of students and alumni.

Experience the Power of Community at RSAC 2026 Conference

RSAC™ 2026 Conference returns to San Francisco March 23–26, bringing together the global cybersecurity community for four days of expert insights, hands-on learning, and breakthrough innovation. Join thousands of practitioners, executives, and innovators as they tackle today’s toughest challenges and explore solutions shaping tomorrow. From cutting-edge ideas to immersive programs and vibrant networking, this is where meaningful progress happens. Register today and be part of the conversations driving cybersecurity forward.

Substack warns of data breach.

Publishing platform Substack is notifying users of a breach that exposed their email addresses and phone numbers, BleepingComputer reports. The incident occurred in October 2025, and Substack discovered the breach this past Tuesday. Substack CEO Chris Best said in a breach notification email, "On February 3rd, we identified evidence of a problem with our systems that allowed an unauthorized third party to access limited user data without permission, including email addresses, phone numbers, and other internal metadata. This data was accessed in October 2025. Importantly, credit card numbers, passwords, and financial information were not accessed."

Substack warns users to be on the lookout for suspicious emails or text messages.

Notes.

Today's issue includes events affecting , and Iran the United States.

Attacks, Threats, and Vulnerabilities

The Shadow Campaigns: Uncovering Global Espionage (Unit 42) In 2025 a threat group compromised government and critical infrastructure in 37 countries, with reconnaissance in 155.

Legislation, Policy, and Regulation

Spain will ban social media for kids under 16 (The Record) "We will protect [children] from the digital Wild West," Prime Minister Pedro Sanchez reportedly said in remarks at the World Government Summit in Dubai.

Litigation, Investigation, and Law Enforcement

“Incognito Market” Owner Sentenced To 30 Years For Operating One Of The World’s Largest Online Narcotics Marketplaces (US Justice Department) Rui-Siang Lin Used the Identity of “Pharaoh” to Operate Incognito Market, Which Sold More Than $105 Million of Illegal Narcotics to Customers Around the World

Industry Events

For a complete running list of events, please visit the Event Tracker.

Events

HIP Europe 26 (Frankfurt, Germany, Feb 10, 2026) Get ready to elevate your identity security skills at HIP Europe — your gateway to becoming a Hybrid Identity Protection (HIP) Hero. With the departure of original Active Directory experts and the rise of identity as the primary attack surface, the need for identity threat detection and response (ITDR) talent has never been greater. This event is the perfect opportunity to enhance your (or your team's) ITDR strategy and strengthen your organization's operational resilience.

Wild West Hackin’ Fest @ Mile High 2026 (Denver, Colorado, USA, Feb 11 - 13, 2026) More than just a conference, Wild West Hackin’ Fest (WWHF) is committed to offering high quality information security education to beginners and seasoned professionals alike. With reasonably priced training, conferences, hands-on labs, and workshops, WWHF lowers the barrier to entry for those seeking to enter into the world of information security. WWHF also offers a venue for those already established in the industry to share ideas, give back, and continue learning.

AI SOC Summit (Tysons, Virginia, USA, Mar 3, 2026) For Security Teams who use AI and defend AI deployments: There is a lot of AI hype for Sec Ops. Come hang out as early adopters of AI dive into the good, the bad and the ugly . No vendor pitches, no AI theory. If you are trying out AI products for Sec Ops or building them in house, this is the place for you.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listeners all over the world, companies trust the CyberWire to get the message out. Learn more.

Daily Briefing for 02.05.26

Top stories.

Cyberweapons assisted US strikes on Iranian nuclear facilities.

ShinyHunters extortion group publishes data allegedly stolen from Harvard and UPenn.

Substack warns of data breach.

Notes.

Attacks, Threats, and Vulnerabilities

Legislation, Policy, and Regulation

Litigation, Investigation, and Law Enforcement

Events