Weekly Security Intelligence Briefing — Week of 2026-03-09

“`html

Executive Summary

The week of March 9, 2026 marks one of the highest-pressure threat weeks observed this quarter. Security teams face simultaneous pressure across four fronts: actively exploited infrastructure vulnerabilities, a Patch Tuesday releasing fixes for 77-84 vulnerabilities including two confirmed zero-days, escalating nation-state activity from Russian and Iranian actors, and an accelerating supply chain attack wave targeting developer tools and package registries. Two Cisco Secure Firewall Management Center vulnerabilities carry CVSS 10.0 scores with no available workaround, demanding immediate patch action. CISA added VMware Aria Operations (CVE-2026-22719), Hikvision cameras (CVE-2017-7921), Rockwell Logix OT/ICS controllers (CVE-2021-22681), and Ivanti Endpoint Manager to the Known Exploited Vulnerabilities catalog, with remediation deadlines falling between March 24-26. An Android zero-day (CVE-2026-0006, CVSS 9.8) is under active exploitation. The Iranian multi-actor cyber campaign linked to recent military operations poses elevated risk to government and defense sectors. Healthcare and financial organizations sustained multiple breach events this week, reinforcing third-party risk as a primary exposure vector. Overall risk posture is rated HIGH trending toward CRITICAL for organizations running Cisco firewall infrastructure, VMware Aria Operations, or OT/ICS Hikvision and Rockwell components.

Critical Action Items

1. Patch Cisco Secure Firewall Management Center immediately, CVSS 10.0, no workaround exists.
   CVE-2026-20079 and CVE-2026-20131 affect Cisco Secure Firewall Management Center (FMC). Both carry CVSS 10.0 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). No workaround is available. Apply vendor patches as published in the Cisco Secure Firewall March 2026 Bundle Advisory. Isolate FMC management interfaces from untrusted networks immediately if patching cannot occur within 24 hours. No CISA KEV deadline is set, but the exploit surface is unauthenticated and network-accessible.
2. Remediate VMware Aria Operations RCE by March 24, CISA KEV deadline.
   CVE-2026-22719 (CVSS 8.1) allows remote code execution via command injection in VMware Aria Operations. CISA added this to the KEV catalog on March 3, 2026, with a federal remediation deadline of March 24, 2026. Apply the patch from Broadcom/VMware immediately. Restrict network access to Aria Operations management interfaces as a compensating control where patching is delayed.
3. Patch or isolate Hikvision cameras and Rockwell Logix OT/ICS controllers by March 26, CISA KEV deadline.
   CVE-2017-7921 (Hikvision, CVSS 9.8) and CVE-2021-22681 (Rockwell Logix, CVSS 9.8) were added to the CISA KEV catalog on March 5, 2026, with a remediation deadline of March 26, 2026. Both are confirmed actively exploited. Apply available patches. For OT/ICS systems where patching is operationally infeasible, segment devices from IT networks, enforce strict firewall rules, and increase monitoring for anomalous traffic. Reference CISA ICS advisory guidance for compensating controls.
4. Apply Microsoft and Adobe March 2026 Patch Tuesday updates, two zero-days confirmed exploited.
   Microsoft patched 77-84 vulnerabilities on March 10, 2026, including two actively exploited zero-days. Adobe also released patches in the same cycle. Prioritize exploitation-confirmed and critical-rated patches. Review Snort rule updates published alongside this Patch Tuesday. Deploy patches through normal change management for non-zero-day items; fast-track the two zero-days. Enable Windows Hotpatch (generally available via Intune beginning May 2026) to reduce future reboot requirements.
5. Patch Ivanti Endpoint Manager, CISA KEV, actively exploited, three-week federal deadline.
   CISA flagged a high-severity Ivanti EPM vulnerability as actively exploited and ordered federal agencies to patch within three weeks (deadline approximately March 31, 2026, per March 10 KEV addition). Apply the vendor patch. Organizations that cannot patch immediately should restrict EPM console access to management networks and monitor for unusual EPM-initiated process execution.
6. Audit npm dependencies and developer toolchains for supply chain compromise indicators.
   A malicious npm package posing as an OpenClaw installer was discovered deploying a RAT and stealing macOS credentials. A separate Chrome extension turned malicious post-ownership transfer. Two Chrome extensions previously associated with a single developer are injecting code and harvesting data. Review all recently installed or updated npm packages and browser extensions against known-good hashes. Remove unrecognized or newly transferred extensions from enterprise endpoints. Enforce extension allowlisting via policy where feasible.

Key Security Stories

March 2026 Patch Tuesday: Two Actively Exploited Zero-Days Among 77-84 Vulnerabilities

Microsoft released its March 2026 Patch Tuesday update on March 11, 2026, addressing between 77 and 84 vulnerabilities depending on the counting methodology used across different analysis sources. Two of those vulnerabilities are confirmed under active exploitation at the time of release, triggering mandatory fast-track remediation for enterprise security teams. Adobe shipped patches in the same cycle. Cisco published Snort rules alongside the advisory to enable network-level detection for organizations that cannot patch immediately.

The EchoLeak vulnerability, a zero-click information disclosure flaw in Microsoft Excel combined with Microsoft Copilot (CVSS 8.6), is among the highest-profile items in this cycle. The vulnerability requires no user interaction beyond opening a specially crafted file, and it can expose data processed by Copilot to an attacker-controlled destination. This is notable not only for its severity but because it demonstrates an emerging class of AI-adjacent vulnerabilities where AI model integration creates new data exfiltration paths not present in the base application.

Organizations running Microsoft 365, Excel, and Copilot-integrated environments should treat EchoLeak as priority remediation regardless of whether it is one of the two confirmed zero-days. The broader patch set should be processed according to standard Patch Tuesday procedures, with the confirmed zero-days deployed on an expedited schedule. Monitor Microsoft Security Response Center (MSRC) advisories for updated exploitation status as the week progresses.

Affected: Microsoft Windows, Microsoft Excel with Copilot integration, Adobe products (multiple). Exploitation Status: Two zero-days confirmed actively exploited; EchoLeak status, disclosed, patch available. Fix: Apply March 2026 Patch Tuesday updates. Sources: SCC-STY-2026-0001, SCC-STY-2026-0007, SCC-CVE-2026-0007 (SCC pipeline); BleepingComputer, SANS Internet Storm Center, Zero Day Initiative (ZDI) analyses cited across SCC story items.

CyberStrikeAI Platform Compromises 600+ FortiGate Devices in AI-Native Campaign

A threat campaign tracked as CyberStrikeAI has compromised more than 600 FortiGate devices using what analysts describe as an AI-native attack platform. This campaign is significant because it represents a documented shift from AI-assisted tools, where human operators retain primary control, to an AI-driven platform capable of autonomous exploitation decisions at scale. The CyberStrikeAI platform appears to automate vulnerability identification, exploit selection, and initial access across large target pools faster than human operators could manage.

The campaign aligns with a broader trend documented this week: Pakistan’s APT36 group has separately adopted AI-assisted “vibe-coding” techniques to produce malware at volume, even if individual samples are of lower quality. The concern is not necessarily sophistication per sample but throughput, a mediocre piece of malware deployed at 10x normal volume can overwhelm detection and response capacity. Together, CyberStrikeAI and APT36’s approach signal that AI malware production and AI-driven exploitation are moving from theoretical threat to operational reality.

Organizations running Fortinet FortiGate should audit device configurations, review authentication logs for anomalous access patterns, and verify that all FortiGate devices are running current firmware. The CyberStrikeAI campaign priority score of 0.92 is the highest in this week’s SCC pipeline and warrants immediate investigation for any organization with FortiGate in the environment.

Affected: Fortinet FortiGate (600+ devices confirmed compromised). Exploitation Status: Active, ongoing campaign. Fix: Apply current FortiGate firmware; review configuration baselines. Sources: SCC-CAM-2026-0001; Dark Reading (nation-state AI malware reporting, SCC additional news feed).

Cisco Dual CVSS 10.0 Vulnerabilities and Expanding SD-WAN Campaign

Cisco disclosed two CVSS 10.0 vulnerabilities in Secure Firewall Management Center (CVE-2026-20079, CVE-2026-20131) with no available workaround. The attack vector for both is network-accessible, requires no authentication, no user interaction, and achieves full confidentiality, integrity, and availability compromise with scope change, the most severe possible CVSS 3.1 profile. Organizations running Cisco FMC have no compensating control available beyond network isolation of the management interface; patching is the only complete remediation.

Simultaneously, the Cisco Catalyst SD-WAN Manager campaign is expanding. Two additional CVEs (CVE-2026-20122, CVE-2026-20128, CVSS 7.1 each) have been confirmed exploited in the wild as part of an active, growing campaign. While CVSS 7.1 is lower than the FMC vulnerabilities, the confirmed active exploitation and campaign expansion make these high priority. Cisco PSIRT issued the advisory on March 5, 2026.

Security teams with Cisco infrastructure should treat this week as a Cisco-specific emergency response event. Apply FMC patches first (CVSS 10.0, no workaround). Follow with SD-WAN Manager patches for the confirmed-exploited CVEs. Review Cisco device access logs for indicators of unauthorized configuration changes, especially on SD-WAN Manager nodes.

Affected: Cisco Secure Firewall Management Center, Cisco Catalyst SD-WAN Manager. Exploitation Status: SD-WAN campaign actively exploiting CVE-2026-20122 and CVE-2026-20128; FMC not yet confirmed exploited but no workaround exists. Fix: Apply Cisco March 2026 bundle advisory patches. Sources: SCC-CVE-2026-0004, SCC-CVE-2026-0006; Cisco PSIRT Advisory March 5, 2026.

Iranian Multi-Actor Cyber Campaign Escalates Following Military Operations

An Iranian multi-actor cyber campaign linked to recent military operations is actively targeting government, defense, and critical infrastructure sectors. The campaign is characterized by coordinated activity across multiple Iranian threat actors operating with tactical alignment, a pattern consistent with state-directed offensive operations following geopolitical triggers. This is not a single threat group acting opportunistically; it reflects organized, mission-assigned offensive cyber operations.

The campaign’s timing following military operations fits historical Iranian cyber doctrine, which uses offensive cyber operations as a component of broader pressure and retaliation strategies. Organizations in government, defense, energy, and telecommunications sectors, especially those with ties to nations or organizations perceived as adversaries by Iran, should elevate their threat posture accordingly. Relevant MITRE ATT&CK techniques for Iranian threat actors include spearphishing (T1566), valid account abuse (T1078), and living-off-the-land execution (T1218).

This item carries a priority score of 0.88 in the SCC pipeline. It should be reviewed alongside the Russian APT28 activity reported this week (see Nation-State section) as the threat landscape this week includes elevated simultaneous activity from both Russian and Iranian state actors.

Targeted Sectors: Government, defense, critical infrastructure, telecommunications. Attribution: Iranian multi-actor (state-directed). Sources: SCC-CAM-2026-0003; CISA threat actor guidance; MITRE ATT&CK (Iranian threat actor profiles).

Healthcare Breach Wave: Conduent/Elevance Health, Oracle E-Business Suite Campaign, and Sector Trend Data

Three distinct healthcare-sector breach events materialized this week. Conduent, a business process services provider, disclosed a data breach impacting Elevance Health (formerly Anthem) members, a third-party breach pattern that continues to expose healthcare organizations through their vendor ecosystems rather than through direct compromise. Separately, Michelin disclosed a data breach linked to an Oracle E-Business Suite attack campaign, which, while not a healthcare breach, demonstrates that EBS-targeting campaigns are active and may affect any large enterprise running Oracle EBS.

The broader healthcare data breach trend analysis (SCC-DBR-2026-0004) covering 2009-2025 confirms that breach frequency and scale have escalated consistently. Healthcare remains the most breach-impacted regulated sector, driven by the high value of protected health information (PHI) on criminal markets, legacy system prevalence, and complex third-party vendor relationships that expand the attack surface well beyond the covered entity itself.

Healthcare security teams should review third-party vendor access under HIPAA Business Associate Agreement frameworks, audit Oracle E-Business Suite patch levels if applicable, and ensure breach notification procedures are current. The Conduent incident reinforces that vendor due diligence must include ongoing monitoring, not just initial assessment.

Affected Organizations: Conduent (service provider), Elevance Health/Anthem (impacted members), Michelin (Oracle EBS vector). Sources: SCC-DBR-2026-0005, SCC-DBR-2026-0004, SCC-DBR-2026-0001; BleepingComputer (Ericsson breach reporting).

CISA KEV & Critical CVE Table

CVE	Product	CVSS	Status	KEV Deadline	Description
CVE-2026-20079 CVE-2026-20131	Cisco Secure Firewall Management Center	10.0	Patch-Critical, No Workaround	Not in KEV (patch immediately)	Dual unauthenticated, network-accessible RCE vulnerabilities. CVSS vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. No compensating control available.
CVE-2026-22719	VMware Aria Operations	8.1	CISA KEV, Actively Exploited	March 24, 2026	Remote code execution via command injection. CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. Added to CISA KEV March 3, 2026.
CVE-2017-7921	Hikvision IP Cameras	9.8	CISA KEV, Actively Exploited	March 26, 2026	Authentication bypass in Hikvision cameras. CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. Added to CISA KEV March 5, 2026. OT/physical security device.
CVE-2021-22681	Rockwell Automation Logix Controllers (OT/ICS)	9.8	CISA KEV, Actively Exploited	March 26, 2026	Authentication bypass in Rockwell Logix OT/ICS controllers. CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. Added to CISA KEV March 5, 2026. ICS environment.
CVE-2026-0006	Android (March 2026 Patch Rollup)	9.8	Actively Exploited Zero-Day	Not in KEV	Zero-day under active exploitation included in Android March 2026 patch rollup. CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
CVE-2026-21385	Qualcomm Android Kernel	7.8	High, Privilege Escalation	Not in KEV	Local privilege escalation in Qualcomm Android kernel. CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Chained with remote exploits for full device compromise.
CVE-2026-20122 CVE-2026-20128	Cisco Catalyst SD-WAN Manager	7.1	Confirmed Exploited, Campaign Expanding	Not in KEV	Two CVEs confirmed exploited in an active, expanding campaign. Cisco PSIRT Advisory March 5, 2026.
CVE-2021-22054	VMware Workspace ONE (CISA addition)	7.5	CISA KEV, Actively Exploited	~March 31, 2026 (est.)	Server-side request forgery in VMware Workspace ONE. Added to CISA KEV catalog alongside SolarWinds and Ivanti EPM on March 10, 2026.
Ivanti EPM (CVE TBD)	Ivanti Endpoint Manager	High	CISA KEV, Actively Exploited	~March 31, 2026 (est.)	Recently patched high-severity flaw now actively exploited. CISA ordered federal patch within three weeks of March 10 advisory. Specific CVE not yet assigned at time of SCC pipeline ingestion.
SolarWinds (CVE TBD)	SolarWinds (product TBD)	High	CISA KEV, Actively Exploited	~March 31, 2026 (est.)	SolarWinds vulnerability flagged in CISA March 10 KEV update alongside Ivanti and Workspace ONE. Specific CVE not published in SCC pipeline at time of briefing generation.

Note: Deadline estimates marked “est.” are calculated from standard CISA KEV 21-day remediation windows from the March 10, 2026 addition date. Verify exact deadlines at the CISA KEV catalog. SolarWinds and Ivanti EPM CVE identifiers were not fully published in source data at briefing generation time; monitor CISA KEV for confirmation.

Supply Chain & Developer Tool Threats

Malicious npm Package Deploys RAT, Steals macOS Credentials

A malicious npm package named @openclaw-ai/openclawai was published to the npm registry impersonating a legitimate OpenClaw AI tool installer. When installed, the package deploys a remote access trojan (RAT) and steals credentials from macOS hosts. The package was uploaded by an account named “openclaw-“, a typosquat pattern designed to pass visual inspection. This attack is particularly concerning in environments where developers install AI coding assistant tools from the command line without verifying package authenticity against a maintained allowlist.

This campaign does not stand alone. Microsoft Bing’s AI-enhanced search feature separately promoted fake OpenClaw GitHub repositories instructing users to run commands that deployed information stealers and proxy malware. The convergence of a poisoned npm package and AI-search-promoted fake repos against the same brand represents a coordinated supply chain brand impersonation campaign. Developers searching for AI tools are the primary target population.

The “InstallFix” attack campaign adds a further layer: it blends malvertising with a ClickFix-style social engineering technique, using fake AI coding tool sites (including fake Claude Code sites) to trick users into running malicious commands in their terminals. Collectively, these three vectors, malicious npm packages, AI-search-promoted fake repos, and malvertising, represent a coordinated threat to developer workstations.

Recommended Actions:

• Audit npm package installations for @openclaw-ai/openclawai and any unrecognized @openclaw namespace packages.
• Enforce npm package allowlisting or private registry mirroring for enterprise developer environments.
• Educate developers on AI-search result manipulation and the risk of executing commands from search-result-linked pages.
• Block or flag ClickFix-style command injection patterns at endpoint level (commands referencing curl piped to bash, PowerShell download-and-execute patterns, etc.).

Sources: The Hacker News (npm package RAT report, SCC additional news); BleepingComputer (Bing AI fake OpenClaw repo, InstallFix campaign, SCC additional news).

Chrome Extensions Compromised After Ownership Transfer

Two Google Chrome extensions turned malicious following what researchers assess was a deliberate ownership transfer, a technique where attackers acquire previously legitimate, established extensions and push malicious updates to the existing install base. Both extensions were previously associated with a single developer. After transfer, they began injecting arbitrary code and harvesting sensitive user data including credentials and session tokens.

This attack vector is particularly difficult to detect because the extensions carry existing user trust, Chrome Web Store review history, and high install counts. Malicious updates arrive through the browser’s automatic update mechanism without user confirmation. Enterprise environments that do not enforce extension allowlisting via policy are fully exposed to this vector.

Recommended Actions:

• Enforce Chrome extension allowlisting via Google Workspace or Microsoft Intune device policy, only explicitly approved extensions should be installable.
• Review all installed Chrome extensions against a known-good inventory; remove any with recent ownership changes or unexplained permission expansions.
• Monitor browser extension activity for unusual network connections to external domains.

Sources: The Hacker News (Chrome extension ownership transfer report, SCC additional news).

UNC4899 (North Korea) Compromises Crypto Firm via Trojanized AirDrop

UNC4899, a North Korean state-sponsored threat actor, breached a cryptocurrency firm after a developer AirDropped a trojanized file from a personal device to their work device. The file, once executed, provided UNC4899 with a foothold in the organization’s cloud environment, ultimately resulting in theft of millions of dollars in cryptocurrency. This incident illustrates the intersection of personal device hygiene, wireless file transfer policies, and developer workstation security.

The AirDrop vector is notable because it bypasses traditional network security controls entirely, the malicious file traversed no corporate network, no email gateway, and no web proxy. Bring-your-own-device (BYOD) policies and personal-to-work file transfer procedures are the relevant control surface.

Recommended Actions:

• Restrict AirDrop and equivalent peer-to-peer wireless file transfer on corporate endpoints via MDM policy.
• Train developers on the specific risk of cross-device file transfers, especially in cryptocurrency and financial sector environments targeted by DPRK threat actors.
• Enforce application whitelisting and execution control on developer workstations to block execution of unsigned or unexpected binaries.

Sources: The Hacker News (UNC4899 report, SCC additional news).

Nation-State & APT Activity Summary

Russia, APT28: Custom Covenant C2 Framework Deployed for Long-Term Espionage

APT28 (Fancy Bear, attributed to Russian GRU Unit 26165) is deploying a customized variant of the open-source Covenant post-exploitation framework for long-term espionage operations. Covenant is a .NET-based C2 framework; APT28’s customized variant extends its evasion capabilities and persistence mechanisms beyond the public release. The use of modified open-source C2 tooling is consistent with APT28’s historical operational security practices, by adapting public tools rather than using entirely custom malware, the group reduces attribution confidence and complicates signature-based detection.

Separately, Russian state-sponsored actors have been linked to an ongoing Signal and WhatsApp account hijacking campaign targeting government officials, military personnel, and journalists. The Dutch government issued a public warning this week. The technique involves phishing for Signal/WhatsApp linked-device QR codes, which, when scanned by the victim, grant the attacker persistent access to the victim’s messages without requiring device compromise. This is a low-sophistication but highly effective technique against high-value targets who rely on encrypted messaging for sensitive communications.

Relevant MITRE ATT&CK TTPs: T1566 (Phishing), T1213 (Data from Information Repositories), T1550.004 (Web Session Cookie), T1219 (Remote Access Software, Covenant C2), T1071.001 (Application Layer Protocol: Web Protocols).

Targeted Sectors: Government, military, journalism, defense industrial base.

Sources: BleepingComputer (APT28 Covenant; Signal/WhatsApp hijacking, SCC additional news); MITRE ATT&CK APT28 profile.

Iran, Multi-Actor Campaign Following Military Operations

An Iranian multi-actor cyber campaign linked to recent military operations is active this week. Iran’s offensive cyber doctrine consistently pairs kinetic or diplomatic pressure events with coordinated cyber operations. Multiple Iranian threat actors, consistent with groups including APT33 (Shamoon lineage), APT34 (OilRig), and Charming Kitten, have been observed in coordinated activity. Attribution at the individual group level within this campaign has not been confirmed in available SCC pipeline data; the characterization as “multi-actor” suggests coordinated but operationally distinct teams acting under shared strategic direction.

Organizations in sectors historically targeted by Iranian actors, energy, government, defense, financial, and telecommunications, should elevate monitoring, review external-facing service exposure, and verify that phishing-resistant MFA is enforced on all externally accessible systems.

Relevant MITRE ATT&CK TTPs: T1566 (Phishing), T1078 (Valid Accounts), T1486 (Data Encrypted for Impact), T1489 (Service Stop), T1561 (Disk Wipe, Shamoon lineage).

Targeted Sectors: Energy, government, defense, critical infrastructure.

Sources: SCC-CAM-2026-0003; CISA Iran threat actor guidance; MITRE ATT&CK Iranian threat actor profiles.

China, Targeting Asian Critical Infrastructure with Web Server Exploits and Mimikatz

A Chinese threat actor has been conducting a years-long campaign targeting high-value organizations in South, Southeast, and East Asia. Targeted sectors include aviation, energy, government, law enforcement, pharmaceutical, technology, and telecommunications. The campaign uses web server exploitation for initial access and Mimikatz for credential harvesting, a combination consistent with multiple Chinese APT groups. The multi-year duration and breadth of targeted sectors indicate a strategic intelligence collection mission rather than opportunistic financial activity.

Relevant MITRE ATT&CK TTPs: T1190 (Exploit Public-Facing Application), T1003 (OS Credential Dumping, Mimikatz), T1078 (Valid Accounts), T1021 (Remote Services).

Targeted Sectors: Aviation, energy, government, law enforcement, pharmaceutical, technology, telecommunications (Asia-Pacific focus).

Sources: The Hacker News (Asian critical infrastructure campaign, SCC additional news); MITRE ATT&CK Chinese APT profiles.

Pakistan, APT36: AI-Assisted Malware Production at Scale

Pakistan’s APT36 (Transparent Tribe) has adopted AI-assisted “vibe-coding” techniques to produce malware at volume. Individual samples are described as mediocre in quality, containing detectable weaknesses a skilled analyst would identify. The strategic concern is throughput: by using AI to generate malware variants at scale, APT36 can overwhelm static signature-based detection and force security teams to triage a higher volume of lower-quality but operationally viable threats. This represents a documented use of AI as a force multiplier for a nation-state threat actor.

Sources: Dark Reading (APT36 AI malware assembly line, SCC additional news).

North Korea, UNC4899: Cryptocurrency Theft via Developer Device Compromise

UNC4899, assessed with moderate confidence as DPRK-affiliated, continues cryptocurrency-focused operations. This week’s incident (detailed in Supply Chain section) demonstrates the group’s willingness to exploit personal device interfaces and developer behavior patterns. North Korean cyber operations targeting cryptocurrency remain a primary revenue-generation mechanism for the DPRK state apparatus. Any organization holding significant cryptocurrency assets or developing blockchain/DeFi applications should treat UNC4899 and associated DPR