Infosec bits for 2026 week 13

Heloise Meyer | March 27, 2026, 2:20 p.m.

Cybersecurity News:

AI in the SOC: What Could Go Wrong? [Becky Bracken, Dark Reading]

Insurer Liberty hit by data breach [Admire Moyo, ITweb]

Tycoon2FA Phishing Service Resumes Activity Post-Takedown [Alessandro Mascellino, Infosecurity Magazine]

Bubble: a new tool for phishing scams [Roman Dedenok, Kaspersky Daily]

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code [Kevin Poireault, Infosecurity Magazine]

Vulnerabilities:

Patch Now: Oracle's Fusion Middleware Has Critical RCE Flaw [Nate Nelson, Dark Reading]

QNAP Patches Four Vulnerabilities Exploited at Pwn2Own [Ionut Arghire, SecurityWeek]

TP-Link warns users to patch critical router auth bypass flaw [Sergiu Gatlan, BleepingComputer]

BIND Updates Patch High-Severity Vulnerabilities [Ionut Arghire, SecurityWeek]

Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks [Ravie Lakshmanan, The Hacker News]

Malware:

GitHub 'OpenClaw Deployer' Repo Delivers Trojan Instead [Elizabeth Montalbano, Dark Reading]

New Fake Zoom Meeting Invite Scam Spreads Malware on Windows PCs [Deeba Ahmed, Hack Read]

The Beast Returns: Analysis of a Beast Ransomware Server [Will Thomas, Team Cymru]