0A9F E785 1857 50AD 05CA A188 A708 1DB6 7F35 2F2A

Infosec bits for 2026 week 10

Heloise Meyer | March 6, 2026, 4:13 p.m.

Cybersecurity News:

  • Cybersecurity Threats to Universities and Colleges — How to Stay Safe [Times Higher Education, Times Higher Education]
  • Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks [Phil Muncaster, Infosecurity Magazine]
  • Quantum Decryption of RSA Is Much Closer Than Expected [Kevin Townsend, SecurityWeek]
  • Europol, Microsoft, TrendAI™ and Collaborators Halt Tycoon 2FA Operations [Christopher Boyton, Trend Micro]

    • Vulnerabilities & Patches:

  • Cisco flags more SD-WAN flaws as actively exploited in attacks [Sergiu Gatlan, Bleeping Computer]
  • Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise [Ionut Arghire, Security Week]
  • WordPress membership plugin bug exploited to create admin accounts [Bill Toulas, Bleeping Computer]
  • Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers [Bill Toulas, Bleeping Computer]

    • Cyber Attacks:

  • Phish of the day: Microsoft OAuth scams abuse redirects for malware delivery [Jessica Lyons, The Register]
  • Tracking CyberStrikeAI Usage [Will Thomas, Team Cymru]
  • Wikipedia hit by self-propagating JavaScript worm that vandalized pages [Lawrence Abrams, Bleeping Computer]
  • Purchase order attachment isn’t a PDF. It’s phishing for your password [Pieter Arntz, Malwarebytes]

    • Contact Us:

    csirt {a} sanren.ac.za

    CSIRT:

    0xA7081DB67F352F2A

    Heloise:

    0xD367253D12C5BBBC

    Zoya:

    0x14D11B78C23A3DEF

    Anele:

    0x14051F49DCC9C3DE

    This website uses cookies to ensure you get the best experience on our site. Learn more