Daily Security Briefing #190

March 11, 2026 | Read Online

Critical vulnerabilities exposed, AI training data poisoning, and escalating regional conflicts…

Executive Summary

Cybersecurity threats continue to evolve with malicious actors adapting to disruptions. The recent escalation of the regional conflict in Iran has led to an increase in cyber activity linked to the crisis. Meanwhile, critical vulnerabilities have been exposed in Microsoft Office, n8n workflow automation platform, and Ivanti Endpoint Manager. Additionally, AI training data poisoning has become a growing concern as attackers exploit trust mechanisms.

Top Articles

Iran’s Cyber Playbook in the Escalating Regional Conflict The conflict is beginning to show signs of expanding beyond a strictly regional crisis. Initial threat reporting pointed to a measurable increase in cyber activity linked to the crisis, predominantly focused on hacktivist mobilization, with reports of phishing campaigns and claims of data breaches. Rapid7

Rapid7 Detection Coverage for Iran-Linked Cyber Activity The tension arising out of the conflict in Iran is beginning to show signs of expanding beyond a strictly regional crisis. Rapid7 customers have access to detection and enrichment coverage, broadly assessing the macro cyber threat landscape, and demonstrating specific actions undertaken within the Rapid7 portfolio. Rapid7

Augmented Phishing: Social Engineering in the Age of AI The rise of GenAI has pushed social engineering and phishing to new levels. What once required manual effort can now be generated in seconds, resulting in hyper-personalized messages, cloned executive voices, and even realistic video impersonations. Checkpoint

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland said the company sent home more than 5,000 workers there today. Krebs on Security

Critical Vulnerability in Microsoft Office Allows Malicious Code to Run Remotely Microsoft has disclosed a critical security flaw in its Microsoft Office suite, officially tracked as CVE-2026-26110. Released on March 10, 2026, this Remote Code Execution (RCE) vulnerability poses a significant threat to organizations and individuals relying on the widely used productivity software. GBHackers

UNC6426 Hackers Exploit NPM Package to Gain AWS Admin Access in 72 Hours UNC6426 hackers turned a routine NPM update into a direct path to full AWS administrator access in under 72 hours, highlighting how fragile CI/CD-to-cloud trust can become when roles are overly permissive. GBHackers

Ivanti Endpoint Manager Authentication Flaw Targeted In Ongoing Cyberattacks, CISA Alerts The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical vulnerability in Ivanti Endpoint Manager (EPM) that is being actively targeted in cyberattacks. This vulnerability allows attackers to bypass authentication mechanisms. CyberPress

Researchers Trick Perplexity’s Comet AI Browser Into Phishing Scam in Under Four Minutes Agentic web browsers that leverage artificial intelligence (AI) capabilities to autonomously execute actions across multiple websites on behalf of a user could be trained and tricked into falling prey to phishing and scam traps. The Hacker News

Microsoft Patch Tuesday March 2026 Fixes 79 Vulnerabilities, Including Two Zero-Days Microsoft has released its March 2026 Patch Tuesday security updates, fixing 79 vulnerabilities across multiple products, including Windows, Microsoft Office, SQL Server, .NET Framework, Azure components, and Edge browser. CyberPress

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, including two critical bugs that could result in arbitrary command execution. The Hacker News

AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.