# Archive
Browse past daily curated stories
Wednesday, March 11, 2026
-
1Krebs on Security threat-intelMicrosoft Patch Tuesday, March 2026 Edition
Microsoft's March 2026 Patch Tuesday addresses 77 vulnerabilities in Windows and other software, with no zero-day exploits compared to February's five zero-day threats. This represents the first month in six months without actively exploited vulnerabilities, providing security teams a less urgent patching cycle.
-
2BleepingComputer generalMicrosoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws
Microsoft's March 2026 Patch Tuesday fixes 79 flaws including 2 publicly disclosed zero-day vulnerabilities, marking the first update in six months without actively exploited zero-days. The update addresses critical security gaps while giving organizations breathing room from emergency patching.
-
3BleepingComputer generalNew ‘BlackSanta’ EDR killer spotted targeting HR departments
Russian-speaking threat actors have deployed BlackSanta EDR killer malware against HR departments for over a year, specifically targeting human resource workflows to bypass endpoint detection and response systems. The campaign demonstrates sophisticated evasion techniques designed to steal data while remaining undetected by security tools.
-
4BleepingComputer generalNew BeatBanker Android malware poses as Starlink app to hijack devices
BeatBanker Android malware masquerades as a Starlink app on fake Google Play Store websites to hijack devices and build a malicious proxy network. The malware specifically targets Android users by tricking them into downloading what appears to be legitimate SpaceX Starlink software.
-
5BleepingComputer generalNew 'Zombie ZIP' technique lets malware slip past security tools
The "Zombie ZIP" technique allows malware to hide payloads in specially crafted compressed files that evade antivirus and EDR detection systems. This new method exploits weaknesses in how security solutions parse ZIP file structures, enabling attackers to deliver malware undetected.
-
6BleepingComputer generalNew KadNap botnet hijacks ASUS routers to fuel cybercrime proxy network
The KadNap botnet has infected over 14,000 ASUS routers and edge devices since August 2025, with 60% of victims located in the U.S. The malware converts compromised devices into proxies for malicious traffic, creating a stealth network for cybercriminal operations.
-
7The Hacker News generalFortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Threat actors are exploiting FortiGate NGFW appliances through recently disclosed vulnerabilities and weak credentials to extract configuration files containing service account credentials and network topology. The campaign demonstrates how network security devices become high-value targets for lateral movement and credential theft.
-
8The Hacker News generalAPT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
APT28 has deployed BEARDSHELL and COVENANT malware against Ukrainian military personnel since April 2024, representing a return to sophisticated tooling for long-term surveillance operations. The Russian state-sponsored group previously known as Fancy Bear is using custom variants of open-source frameworks for espionage.
-
9The Hacker News generalNew "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
Nine cross-tenant vulnerabilities dubbed "LeakyLooker" in Google Looker Studio could have allowed attackers to execute arbitrary SQL queries on victims' databases and steal data from Google Cloud environments. Tenable researchers found the flaws enable unauthorized access across organizational boundaries within the business intelligence platform.
-
10SecurityWeek generalAdobe Patches 80 Vulnerabilities Across Eight Products
Adobe patched 80 vulnerabilities across eight products including Commerce, Illustrator, Acrobat Reader, and Premiere Pro in its March 2026 security update. The extensive patch release addresses multiple attack vectors across Adobe's creative and business software suite used by millions globally.