InfoSecBulletin Cybersecurity for mankind
Today is Microsoft’s March 2026 Patch Tuesday, featuring security updates for 84 flaws, which include 2 zero-day vulnerabilities that were publicly disclosed.
This Patch Tuesday also addresses three “Critical” vulnerabilities, 2 of which are remote code execution flaws and the other is an information disclosure flaw.
LastPass says hackers stole customer data via Klue, supply chain breach
New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
The number of bugs in each vulnerability category is listed below:
46 Elevation of Privilege Vulnerabilities
2 Security Feature Bypass Vulnerabilities
18 Remote Code Execution Vulnerabilities
10 Information Disclosure Vulnerabilities
4 Denial of Service Vulnerabilities
4 Spoofing Vulnerabilities
2 zero-days and Microsoft Office flaws:
Microsoft defines a zero-day flaw as one that is known to the public or being actively used but does not have a fix yet.
The two publicly disclosed zero-days are:
CVE-2026-21262: SQL Server Elevation of Privilege Vulnerability
CVE-2026-26127: .NET Denial of Service Vulnerability
Microsoft fixed two remote code execution bugs (CVE-2026-26110 and CVE-2026-26113) in Office that can be exploited through the preview pane. Users should update the app promptly.
