43AA 6E9A 54EE B550 D830 EF7A 36EE 72FB 8AD1 F5CC

Infosec bits for 2026 week 10

Heloise Meyer | March 6, 2026, 4:13 p.m.

Cybersecurity News:

  • Cybersecurity Threats to Universities and Colleges — How to Stay Safe [Times Higher Education, Times Higher Education]
  • Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks [Phil Muncaster, Infosecurity Magazine]
  • Quantum Decryption of RSA Is Much Closer Than Expected [Kevin Townsend, SecurityWeek]
  • Europol, Microsoft, TrendAI™ and Collaborators Halt Tycoon 2FA Operations [Christopher Boyton, Trend Micro]

    • Vulnerabilities & Patches:

  • Cisco flags more SD-WAN flaws as actively exploited in attacks [Sergiu Gatlan, Bleeping Computer]
  • Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise [Ionut Arghire, Security Week]
  • WordPress membership plugin bug exploited to create admin accounts [Bill Toulas, Bleeping Computer]
  • Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers [Bill Toulas, Bleeping Computer]

    • Cyber Attacks:

  • Phish of the day: Microsoft OAuth scams abuse redirects for malware delivery [Jessica Lyons, The Register]
  • Tracking CyberStrikeAI Usage [Will Thomas, Team Cymru]
  • Wikipedia hit by self-propagating JavaScript worm that vandalized pages [Lawrence Abrams, Bleeping Computer]
  • Purchase order attachment isn’t a PDF. It’s phishing for your password [Pieter Arntz, Malwarebytes]

    • Contact Us:

    csirt {a} sanren.ac.za

    CSIRT:

    0x36EE72FB8AD1F5CC

    Heloise:

    0xD367253D12C5BBBC

    Zoya:

    0x14D11B78C23A3DEF

    Anele:

    0x1EC1265990F8D258

    This website uses cookies to ensure you get the best experience on our site. Learn more