🚨 CISA KEV 1
31 Mar KEV5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wildA vulnerability misclassified five months ago as a denial-of-service issue in F5 BIG-IP Access Policy Manager (APM) turned out to be a critical pre-authentication remote code execution flaw that is now under active exploitation. Hackers are using it to deploy a persistent malware…CSOONLINE.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 27
31 MarAL26-006 - Vulnerability impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2026-3055CYBER.GC.CA
31 Mar KEVTrueConf Zero-Day Exploited in Attacks on Southeast Asian Government NetworksA high-severity security flaw in the TrueConf client video conferencing software has been exploited in the wild as a zero-day as part of a campaign targeting government entities in Southeast Asia dubbed TrueChaos. The vulnerability in question is CVE-2026-3502 (CVSS score: 7.8), …THEHACKERNEWS.COM
31 MarCVE-2026-33636 LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64Information published.MSRC.MICROSOFT.COM
31 MarCVE-2026-0965 Libssh: libssh: denial of service via improper configuration file handlingInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33750 brace-expansion: Zero-step sequence causes process hang and memory exhaustionInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33938 Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-blockInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33939 Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template CompilationInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33937 Handlebars.js has JavaScript Injection via AST Type ConfusionInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keysInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`Information published.MSRC.MICROSOFT.COM
31 MarCVE-2026-25645 Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility functionInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-0967 Libssh: libssh: denial of service via inefficient regular expression processingInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-0966 Libssh: buffer underflow in ssh_get_hexa() on invalid inputInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-0964 Libssh: improper sanitation of paths received from scp serversInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33895 Forge has signature forgery in Ed25519 due to missing S > L checkInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33896 Forge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation)Information published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33891 Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero InputInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33542 Incus does not verify combined fingerprint when downloading images from simplestreams serversInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33941 Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and OptionsInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33916 Handlebars.js has Prototype Pollution Leading to XSS through Partial Template InjectionInformation published.MSRC.MICROSOFT.COM
31 MarCVE-2026-33940 Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partialInformation published.MSRC.MICROSOFT.COM
31 MarChromium: CVE-2026-4676 Use after free in DawnThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
31 MarZDI-26-250: Linux Kernel Analog Device Driver Improper Validation of Array Index Local Privilege Escalation VulnerabilityThis vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of…ZERODAYINITIATIVE.COM
⚠️ VULNERABILITY DISCLOSURE 36
31 Mar KEVCISA orders feds to patch actively exploited Citrix flaw by ThursdayThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their Citrix NetScaler appliances against an actively exploited vulnerability by Thursday. [...]BLEEPINGCOMPUTER.COM
31 MarCrewAI Vulnerabilities Expose Devices to HackingAttackers can exploit the bugs through prompt injection, chaining them together to escape the sandbox and execute arbitrary code.SECURITYWEEK.COM
31 MarGoogle Slashes Quantum Resource Requirements for Breaking Cryptocurrency EncryptionGoogle researchers have shown that breaking the encryption of Bitcoin and Ethereum requires 20x fewer qubits.SECURITYWEEK.COM
31 MarExploitation of Critical Fortinet FortiClient EMS Flaw BeginsThe SQL injection vulnerability allows unauthenticated attackers to execute arbitrary code remotely, via crafted HTTP requests.SECURITYWEEK.COM
31 MarStrongSwan Flaw Allows Unauthenticated Attackers to Crash VPNsRemotely exploitable, the integer underflow vulnerability impacts StrongSwan releases spanning 15 years.SECURITYWEEK.COM
31 MarVertex AI Vulnerability Exposes Google Cloud Data and Private ArtifactsCybersecurity researchers have disclosed a security "blind spot" in Google Cloud's Vertex AI platform that could allow artificial intelligence (AI) agents to be weaponized by an attacker to gain unauthorized access to sensitive data and compromise an organization's cloud environm…THEHACKERNEWS.COM
31 MarThe AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom PriorityThe cybersecurity landscape is accelerating at an unprecedented rate. What is emerging is not simply a rise in the number of vulnerabilities or tools, but a dramatic increase in speed. Speed of attack, speed of exploitation, and speed of change across modern environments. This is…THEHACKERNEWS.COM
31 MarSilver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake DomainsChinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a previously undocumented remote access trojan named AtlasCross RAT. "The operation covers VPN clients, encrypted messengers, video conferen…THEHACKERNEWS.COM
31 MarThe New Playground for Cybercriminals: Securing the Microsoft Teams FrontierWith 320 million daily users on Microsoft Teams, the ability to connect with colleagues across the organization has never been more seamless… or more targeted. The shift isn’t just about where we talk; it's about how we are being attacked. Threat actors moving beyond phishing ema…KNOWBE4.COM
31 MarPNG Vulnerabilities Allow Attackers to Trigger Crashes and Leak Sensitive DataSecurity researchers have disclosed two high-severity vulnerabilities in libpng, the widely deployed reference library used for processing Portable Network Graphics (PNG) image files. These critical flaws allow remote attackers to trigger process crashes, leak sensitive heap memo…GBHACKERS.COM
31 MarApple Adds ClickFix Attack Warnings in New macOS Tahoe Security FeatureApple has silently introduced a new security mechanism in macOS Tahoe 26.4 to protect users against social engineering campaigns known as ClickFix attacks. This defense intercepts potentially harmful commands before they are pasted into the Terminal application, breaking the infe…GBHACKERS.COM
31 MarTax Filing Scams Used to Deliver Malware in New Cybercrime CampaignsCybercriminals are once again exploiting global tax seasons, abusing IRS and tax filing lures to deliver malware, remote monitoring and management (RMM) tools, and credential phishing in a wave of new 2026 campaigns. Security researchers have already tracked more than a hundred t…GBHACKERS.COM
31 MarCareCloud Data Breach Exposes Patient Data After Hackers Access IT SystemsCareCloud, Inc., a prominent healthcare technology provider, has disclosed a material cybersecurity incident involving unauthorized access to its electronic health record (EHR) infrastructure. The security event was first detected on March 16, 2026, when the CareCloud Health divi…GBHACKERS.COM
31 MarHacker hijacks Axios open-source project, used by millions, to push malwareA hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack.TECHCRUNCH.COM
31 MarIranian hackers breach FBI director’s personal email, and post his CV and photos onlineIt's not every day that you read that the head of America's top law enforcement agency has been hacked, but then - these aren't ordinary times. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
31 MarVRP 2025 Year in ReviewPosted by Dirk Göhmann, Tony Mendez, and the Vulnerability Rewards Program Team 2025 marked a special year in the history of vulnerability rewards and bug bounty programs at Google: our 15th anniversary 🎉🎉🎉! Originally started in 2010, our vulnerability reward program (VRP) ha…SECURITY.GOOGLEBLOG.COM
31 MarOpenAI patches twin leaks as Codex slips and ChatGPT spillsOpenAI has fixed two flaws in its AI stack that could allow AI agents to move sensitive data in unintended ways. The issues, disclosed by researchers at BeyondTrust and Check Point Research, affect the OpenAI Codex coding agent and ChatGPT’s code execution environment, respective…CSOONLINE.COM
31 Mar8 ways to bolster your security posture on the cheapAs every CISO knows, maintaining a strong cybersecurity posture is costly. What’s not so well known is that there are many ways cybersecurity can be enhanced with the help of relatively trivial investments. Simply by thinking creatively, a security leader can substantially boost …CSOONLINE.COM
31 MarThe external pressures redefining cybersecurity riskOver the last four years, I’ve watched organizations get blindsided by threats that originated in a third-party network. More than 35% of data breaches are caused by a compromised vendor or partner, not by any failure in the organization’s controls. While many organizations know …CSOONLINE.COM
31 Mar KEV6 key takeaways from RSA Conference 2026Writing a conference preview is an act of professional speculation. You read the agenda, map the schedule session density, and make your personal best call about where the intellectual energy will concentrate. From my perspective going in, RSA Conference 2026 outlined a defining …CSOONLINE.COM
31 MarDeveloping the Skills Needed for Modern Software Development - Keith Hoodlet, Ron Rasi... - ASW #376The future of secure software is going through a mix of skills expected of humans and skills files created for LLMs. We might even posit that appsec as a discipline will fade (and that might not even be a bad thing!). Keith Hoodlet describes the skills he was looking for in build…YOUTUBE.COM
31 MarVulnerability Research Is Cooked — Quarrelsomesubmitted by cm0002 to cybersecurity 2 points | 1 comments https://sockpuppet.org/blog/2026/03/30/vulnerability-research-is-cooked/ For the last two years, technologists have ominously predicted that AI coding agents will be responsible for a deluge of security vulnerabilities. T…INFOSEC.PUB
31 MarCybercriminals Exploit Tax Season With New Phishing Tactics - Infosecurity Magazinesubmitted by kid to cybersecurity 7 points | 0 comments https://www.infosecurity-magazine.com/news/tax-season-new-phishing-tactics/SH.ITJUST.WORKS
31 MarHackers exploiting critical F5 BIG-IP flaw in attacks, patch nowsubmitted by kid to cybersecurity 8 points | 0 comments https://www.bleepingcomputer.com/news/security/hackers-now-exploit-critical-f5-big-ip-flaw-in-attacks-patch-now/SH.ITJUST.WORKS
31 MarCisco source code stolen in Trivy-linked dev environment breachCisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to the company and its customers. [...]BLEEPINGCOMPUTER.COM
31 MarAndroid Developer Verification Rollout Begins Ahead of September EnforcementGoogle on Monday said it's officially rolling out Android developer verification to all developers to combat the problem of bad actors distributing harmful apps while "hiding behind anonymity." The development comes ahead of a planned verification mandate that goes into effect in…THEHACKERNEWS.COM
31 MarAttackers trojanize Axios HTTP library in highest-impact npm supply chain attackAttackers compromised the npm account of the lead maintainer of Axios, a widely used JavaScript HTTP client library, and used it to publish malicious versions of the package that deployed a cross-platform remote access trojan on developer machines. The incident represents the hig…CSOONLINE.COM
31 MarBeyond the Hype: Cyber Readiness, Zero Trust, and an Unscripted Conversation - SWN #568In the AI era, cybersecurity is undergoing a fundamental shift as AI agents transform both the speed and scale of attacks. In this interview, Gibb Witham, President and Chief Financial Officer of Hack The Box, explains why organizations must move beyond assumed AI capability towa…YOUTUBE.COM
31 MarClaude AI finds Vim, Emacs RCE bugs that trigger on file openVulnerabilities in the Vim and GNU Emacs text editors, discovered using simple prompts with the Claude assistant, allow remote code execution simply by opening a file. [...]BLEEPINGCOMPUTER.COM
31 MarCisco source code stolen in Trivy-linked dev environment breachsubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/cisco-source-code-stolen-in-trivy-linked-dev-environment-breach/SH.ITJUST.WORKS
31 MarClaude Code source code accidentally leaked in NPM packageAnthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no customer data or credentials were exposed. [...]BLEEPINGCOMPUTER.COM
31 MarMultiple Vulnerabilities in Apple Products Could Allow for Privilege EscalationMultiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for privilege escalation. Successful exploitation of the most severe of these vulnerabilities could allow a user to elevate privileges. Depending on the privileges associated wit…CISECURITY.ORG
31 MarNorth Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain AttackWritten by: Austin Larsen, Dima Lenz, Adrian Hernandez, Tyler McLellan, Christopher Gardner, Ashley Zaya, Michael Rudden, Mon Liclican Introduction Google Threat Intelligence Group (GTIG) is tracking an active software supply chain attack targeting the popular Node Package Manage…CLOUD.GOOGLE.COM
31 MarSupply chain attack on Axios npm package: Scope, impact, and remediationsThe Axios npm package has been compromised in a supply chain attack that uploaded new versions of the package containing malicious code. Any environment that downloaded these compromised Axios versions is at risk of severe data theft, including the loss of credentials and API key…TENABLE.COM
31 MarWhat’s new in Tenable Cloud Security: Custom policies, AWS ABAC, and research-driven protectionStop the noise and scale your cloud security. Our latest updates introduce custom policy automation via Explorer, AWS ABAC support for true least privilege, and research-backed protection against critical vulnerabilities, all designed to slash MTTR without disrupting your DevOps …TENABLE.COM
31 MarHow we made Trail of Bits AI-native (so far)This post is adapted from a talk I gave at [un]prompted, the AI security practitioner conference. Thanks to Gadi Evron for inviting me to speak. You can watch the recorded presentation below or download the slides. Most companies hand out ChatGPT licenses and wait for the produ…TRAILOFBITS.COM
📋 SECURITY BULLETINS 1
31 MarLloyds Data Security Incident Impacts 450,000 IndividualsA faulty software update led to the exposure of mobile banking users’ transactions to other users of the application.SECURITYWEEK.COM
📢 SECURITY ADVISORIES 18
31 MarDutch Finance Ministry takes treasury banking portal offline after breachThe Dutch Ministry of Finance took some of its systems offline, including the digital portal for treasury banking, while investigating a cyberattack detected two weeks ago. [...]BLEEPINGCOMPUTER.COM
31 MarWindows Tools Abused to Kill AV Ahead of Ransomware AttacksHackers are increasingly turning legitimate Windows administration tools into stealthy weapons to disable antivirus and EDR before launching ransomware, making attacks faster, quieter, and harder to stop. Instead of dropping noisy custom malware upfront, modern operators chain tr…GBHACKERS.COM
31 MarDutch Finance Ministry Responds to Cyberattack by Taking Systems OfflineThe Dutch Ministry of Finance is actively managing a significant cybersecurity incident after discovering unauthorized access to its internal Information and Communication Technology (ICT) systems. The breach has prompted immediate defensive measures, including the deliberate shu…GBHACKERS.COM
31 MarDutch Finance Ministry takes treasury banking portal offline after breachsubmitted by kid to cybersecurity 5 points | 0 comments https://www.bleepingcomputer.com/news/security/dutch-finance-ministry-takes-treasury-banking-portal-offline-after-breach/SH.ITJUST.WORKS
31 MarNew compliance guide available: ISO/IEC 27001:2022 on AWSWe’re excited to announce the release of our latest compliance guide, ISO/IEC 27001:2022 on AWS, which provides practical guidance for organizations designing and operating an Information Security Management System (ISMS) using AWS services. As organizations migrate critical work…AWS.AMAZON.COM
🔥 INCIDENT REPORTING 17
31 MarThe Next Cybersecurity Crisis Isn’t Breaches—It’s Data You Can’t TrustData integrity shouldn’t be seen only through the prism of a technical concern but also as a leadership issue.SECURITYWEEK.COM
31 MarStolen Logins Are Fueling Everything From Ransomware to Nation-State CyberattacksReport shows how industrialized credential theft underpins ransomware, SaaS breaches, and geopolitical attacks, shifting security focus from prevention to detecting misuse of legitimate access.SECURITYWEEK.COM
31 MarWeekly Update 497Day by day, I find we're eking more goodness out of OpenClaw and finding the sweet spot between what the humans do well and the a…TROYHUNT.COM
31 MarAxios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm AccountThe popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency that delivers a trojan capable of targeting Windows, macOS, and Linux systems. Versions 1.14.1 and 0.30.4 of Axios hav…THEHACKERNEWS.COM
31 MarApplication Control Bypass for Data Exfiltration, (Tue, Mar 31st)In case of a cyber incident, most organizations fear more of data loss (via exfiltration) than regular data encryption because they have a good backup policy in place. If exfiltration happened, it means a total loss of control of the stolen data with all the consequences (PII, CC…ISC.SANS.EDU
31 MarTeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Compromise, TeamPCP Runs Dual Ransomware Operations, and AstraZeneca Data Released, (Mon, Mar 30th)This is the fourth update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" …ISC.SANS.EDU
31 MarWhatsApp malware campaign delivers VBScript and MSI backdoorsA malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack leverages renamed Windows tools and cloud-hosted payloads to install MSI backdoors and maintain persistent access to compromised systems.MICROSOFT.COM
31 MarAxios NPM Packages Breached in Ongoing Supply Chain AttackA severe supply chain attack has compromised the widely used Axios HTTP client on the npm registry. Attackers injected a malicious dependency into specific Axios releases, exposing millions of developers to a multi-stage remote access trojan capable of executing arbitrary command…GBHACKERS.COM
31 MarTelegram-Based ResokerRAT Adds Screenshot Capture and PersistenceHackers are deploying a new Windows malware called ResokerRAT, a Telegram‑based Remote Access Trojan (RAT) that gives attackers stealthy remote control over infected systems. Instead of relying on a traditional command‑and‑control (C2) server, ResokerRAT abuses the Telegram Bot A…GBHACKERS.COM
31 MarGoogle Introduces Advanced Ransomware Defense and Recovery Features in DriveGoogle has officially moved its advanced ransomware detection and file restoration features for Google Drive out of beta, making them generally available to organizations globally. Originally launched for beta testing in September 2025, these security enhancements are designed to…GBHACKERS.COM
31 MarCuties AI - 144,250 breached accountsIn March 2026, the NSFW AI companion platform Cuties AI suffered a data breach that was subsequently published to a public hacking forum. The incident exposed 144k unique email addresses along with display names, avatars, prompts and descriptions used to generate AI adult images…HAVEIBEENPWNED.COM
31 MarManhunt for Cybercriminals – 130 Companies AttackedHackers targeted 130 companies and institutions. Tayler Derden | shutterstock.com After years of cybercrime attacks on more than a hundred companies and institutions in Germany, investigators have identified two key suspects. One is said to be the …CSOONLINE.COM
31 MarWhy ransomware is now after your data — and how to protect your home storage | Kaspersky official blogRansomware is increasingly targeting home backups on NAS, cloud storage, and external drives. Here’s how these attacks work, and how to keep your family photos and documents safe.KASPERSKY.COM
31 MarSupply Chain Attack on Axios Pulls Malicious Dependency from npmsubmitted by codeinabox to security 4 points | 0 comments https://socket.dev/blog/axios-npm-package-compromised cross-posted from: lemmy.bestiver.se/post/1019645 CommentsPROGRAMMING.DEV
31 MarBehind the Curtain: AI's looming cyber nightmaresubmitted by return2ozma to cybersecurity 1 points | 0 comments https://www.axios.com/2026/03/29/claude-mythos-anthropic-cyberattack-ai-agentsSH.ITJUST.WORKS
31 MarAxios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly DownloadsA supply chain attack hit Axios when attackers used stolen npm credentials to publish malicious versions containing a phantom dependency. This triggered a cross-platform RAT during installation and replaced its files with clean decoys, making detection challenging.TRENDMICRO.COM
🕵️ THREAT INTELLIGENCE 18
31 MarInventors of Quantum Cryptography Win Turing AwardCharles Bennett and Gilles Brassard have won the 2026 Turing Award for inventing quantum cryptography. I am incredibly pleased to see them get this recognition. I have always thought the technology to be fantastic, even though I think it’s largely unnecessary. I wrote up my…SCHNEIER.COM
31 MarCensys Raises $70 Million for Internet Intelligence PlatformThe latest funding round brings the total venture capital investment in Censys to $149 million.SECURITYWEEK.COM
31 MarVenom Stealer Raises Stakes With Continuous Credential HarvestingLicensed malware with built-in persistence and automation enables attackers to continuously siphon credentials, session data, and cryptocurrency assets.SECURITYWEEK.COM
31 MarTeamPCP Moves From OSS to AWS EnvironmentsAfter validating stolen credentials using TruffleHog, the hacking group started AWS services enumeration and lateral movement activities.SECURITYWEEK.COM
31 MarISC Stormcast For Tuesday, March 31st, 2026 https://isc.sans.edu/podcastdetail/9872, (Tue, Mar 31st)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
31 MarThe threat to critical infrastructure has changed. Has your readiness?Five facts critical infrastructure (CI) leaders need to act on in 2026, grounded in what Microsoft Threat Intelligence is observing across sectors right now.MICROSOFT.COM
31 MarApplying security fundamentals to AI: Practical advice for CISOsRead actionable advice for CISOs on securing AI, managing risk, and applying core security principles in today’s AI‑powered environment.MICROSOFT.COM
31 MarCyberheistNews Vol 16 #13 The 'Urgency Trap': Why Time Pressure is Your Biggest Email Red FlagKNOWBE4.COM
31 MarWorld Backup Day: Because “It Won’t Happen to Me” Often Means It WillEvery year on March 31st, World Backup Day rolls around with a simple but important message: Backup your data.KNOWBE4.COM
31 MarEvilTokens Launches New Phishing Service Targeting Microsoft AccountsEvilTokens is a new Phishing-as-a-Service (PhaaS) platform that industrialises Microsoft account takeover by abusing the OAuth device code flow rather than traditional credential phishing. The service sells a turnkey Microsoft device code phishing kit that has been in active use …GBHACKERS.COM
31 MarFive Browser and AI Security Questions Keeping CxOs up at NightPrisma Browser secures the last mile of work, data, and AI interactions by addressing CxO concerns: shadow AI, unmanaged devices, agentic AI and data leakage.PALOALTONETWORKS.COM
31 MarCan Small LLMs Solve Security Flaws?Large language models sometimes hallucinate, causing AI-generated code to be vulnerable or insecure. OpenAI suggests small LLMs could reduce these issues. Even with small models, scaling across legacy systems and monoliths can create new authentication and security challenges, le…YOUTUBE.COM
31 MarSupply chain attack hits 300 million-download Axios npm packagesubmitted by cm0002 to cybersecurity 4 points | 0 comments https://www.itnews.com.au/news/supply-chain-attack-hits-300-million-download-axios-npm-package-624699INFOSEC.PUB
31 MarP2P WhatsApp Clone – No Setup or Signupsubmitted by xoron to cybersecurity 1 points | 0 comments IMPORTANT: Lets get a few things out of the way first. My app is not better than Whatsapp in any way. It hasnt been reviewed or audited. This app works by exchanging IP addresses… This app is NOT for anonymous comms. The p…SH.ITJUST.WORKS
31 MarHealthcare tech firm CareCloud says hackers stole patient datasubmitted by kid to cybersecurity 3 points | 0 comments https://www.bleepingcomputer.com/news/security/healthcare-tech-firm-carecloud-says-hackers-stole-patient-data/SH.ITJUST.WORKS
31 MarOpenAI ChatGPT fixes DNS data smuggling flaw • The Registersubmitted by kid to cybersecurity 6 points | 2 comments https://www.theregister.com/2026/03/30/openai_chatgpt_dns_data_snuggling_flaw/SH.ITJUST.WORKS
31 MarMaster These Tools or Potentially Get Left BehindCybersecurity tools and workflows are rapidly changing, with TMUX, NeoVim, and containerization becoming foundational skills. Professionals who ignore these fundamentals risk falling behind as automation and AI reshape security roles. How are you preparing to adapt your skills fo…YOUTUBE.COM
31 MarRelease Notes: Cross-Platform Threat Analysis with macOS, SSL Decryption, and 1,300+ New DetectionsMarch was a packed month for ANY.RUN. We rolled out major product improvements that help security teams investigate phishing inside encrypted traffic, expand cross-platform analysis with macOS, and bring Windows Server into the sandbox workflow. At the same ti…ANY.RUN
🌐 CYBER THREAT LANDSCAPE 4
31 MarHackers compromise Axios npm package to drop cross-platform malwareHackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 36
31 MarHow to Categorize AI Agents and Prioritize RiskAI agent risk isn't equal, it scales with access to systems and level of autonomy. Token Security explains how CISOs should categorize agents and prioritize what to secure first. [...]BLEEPINGCOMPUTER.COM
31 MarMicrosoft fixes Outlook Classic crashes caused by Teams Meeting add-inMicrosoft has resolved a known issue that rendered the classic Outlook email client unusable for users who enabled the Microsoft Teams Meeting Add-in. [...]BLEEPINGCOMPUTER.COM
31 MarHacker charged with stealing $53 million from Uranium crypto exchangeU.S. prosecutors have charged a Maryland man with stealing more than $53 million after hacking the Uranium Finance crypto exchange twice and laundering the proceeds through a cryptocurrency mixer. [...]BLEEPINGCOMPUTER.COM
31 MarHealth data giant CareCloud says hackers accessed patients’ medical recordsCareCloud, a major provider of medical records storage, said hackers accessed one of its repositories of patient data earlier in March. It provides technology for more than 45,000 providers covering millions of patients.TECHCRUNCH.COM
31 MarTrendAI™ Research at RSAC 2026: Advancing Defense Across AI‑Driven and Cyber‑Physical ThreatsTrendAI™ Research explored agentic AI cybercrime and EV infrastructure security through two research sessions at RSAC 2026.TRENDMICRO.COM
31 MarQBDI vs TritonDSE against a VM: who will be the fastest?In this blog, we present how QBDI and TritonDSE can be used to attack a complex C++ binary implementing a VM.QUARKSLAB.COM
31 MarThe Real Risk of VibecodingThis blog looks at how AI‑driven vibecoding speeds up software development while increasing security risk by outpacing traditional review and ownership. It explains why security needs to move earlier and be built into modern development workflows.TRENDMICRO.COM
31 MarGIGABYTE Control Center vulnerable to arbitrary file write flawThe GIGABYTE Control Center is vulnerable to an arbitrary file-write flaw that could allow a remote, unauthenticated attacker to access files on vulnerable hosts. [...]BLEEPINGCOMPUTER.COM
31 MarProton launches new "Meet" privacy-focused conferencing platformProton has announced a new video conferencing service named Meet and positioned it as a privacy-focused alternative to mainstream services like Google Meet, Zoom, and Microsoft Teams. [...]BLEEPINGCOMPUTER.COM
31 MarGoogle now allows you to change your @gmail.com addressGoogle is rolling out a new feature that allows you to change your @gmail address or create a new alias. [...]BLEEPINGCOMPUTER.COM
31 MarThis month in security with Tony Anscombe – March 2026 editionThe past four weeks have seen a slew of new cybersecurity wake-up calls that showed why every organization needs a well-thought-out cyber-resilience planWELIVESECURITY.COM
31 MarAWS Security Agent on-demand penetration testing now generally availableAWS Security Agent on-demand penetration testing is now generally available, enabling you to run comprehensive security tests across all your applications, not only your most critical ones. This milestone transforms penetration testing from a periodic bottleneck into an on-demand…AWS.AMAZON.COM
31 MarFake Installers to Monero: A Multi-Tool Mining OperationElastic Security Labs dissects a long-running operation deploying RATs, cryptominers, and CPA fraud through fake installer lures, tracking its evolution across campaigns and Monero payouts.ELASTIC.CO