Microsoft fixes 79 vulnerabilities in March 2026 Patch Tuesday, including two publicly disclosed 0-days affecting SQL Server, .NET and Windows systems.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
Welcome back! This week, we’re shining a spotlight on Kri Dontje, a technical writer who’s become an essential voice in making Cisco Talos’ work understandable for a wide audience. With a background in technical communications and a career that began at a small startup, Kri discusses the importance of consistency, accuracy, and accessibility in documentation, as well as how to get the most out of a subject matter expert-technical writer relationship.
Now transitioning into a new role, Kri continues to bridge the gap between deep technical expertise and clear communication. When she’s not decoding cyber jargon, she’s hand-spinning yarn for stunning knit pieces, showing that creativity and tech go hand in hand. Keep an eye out for more content featuring Kri in the future.
Amy Ciminnisi: Can you tell us a little bit about what you do here in Talos?
Kri Dontje: Absolutely. I have a technical writing degree — technical communications — which means I translate very technical topics into something that other people can understand if they’re not necessarily experts in that field. I’ve had a very nontraditional career. My first position was at a very small company, 14 people at its largest. I did documentation, design and demonstration videos, and rebuilt their health system from the ground up. It was interesting and terrifying because I was learning it completely alone.
I’m also a huge nerd and a learning junkie, which helps with this kind of job. I enjoy being around people who are into really complex things and talking to them about it. I spent a lot of time around a local miniatures wargaming shop and became friends with a bunch of nerds, some of whom have migrated into Talos.
I transitioned over to the strategic communications team as a research engineer. I’m going to focus more on communicating about Talos at a slightly more technical level than our communications have been to the public for a while, while still creating content that makes Talos accessible for people as much as possible.
AC: What do you think are the most important qualities or skills that make someone a really good technical writer, especially in a fast-changing landscape like cybersecurity?
KD: That’s a big contradiction. One of the most important things for tech writing is consistency and accessibility. It’s not a career that encourages adjectives. You want to use the same word to mean the same thing every time because if you use a fun synonym, the reader might think it’s an entirely different concept.
Versioning is a big problem. People won’t trust documentation if they find bad information in it. They’ll never think it’s a reasonable place to go again. So keeping things accurate is really important.
Being snoopy and not being afraid to feel real stupid in front of extremely smart people is also key. Usually, you can find common ground. It’s important to recognize you’re not talking down to the audience or making the information for stupid people. Even within Talos and the cyber community, everyone has broad-ranging specialties. Most people don’t know what others do or can’t figure it out without spending a lot of time and energy they don’t need to. So the important thing is to bring the information to a level where other very intelligent people can cross-reference it and make it applicable to what they’re doing.
Want to see more? Watch the full interview, and don’t forget to subscribe to our YouTube channel for future episodes of Humans of Talos.
Cisco Talos Blog – Read More
Agentic AI is making headlines worldwide for its potential force-multiplying capabilities, and organizations are understandably intrigued by how it can improve throughput and capabilities. However, as with any technological revolution, unforeseen issues are inevitable, and agentic AI is no exception. In organizations, these issues often arise from deploying personal assistants like OpenClaw or AI agents designed to optimize business and IT processes. Additionally, when personal assistants interact with “social networks” such as Moltbook, they introduce many hidden threats for organizations. These specific risks fall beyond the scope of this article, and will be addressed in a future blog.
This article will concentrate on agentic AI’s use within organizations and explore how these systems could potentially be used against them. There are two perspectives that must be taken into consideration when thinking about agentic AI:
Both perspectives will be addressed, but let’s start with the first, which encompasses cybersecurity defense processes already in place, as well as the ways agentic AI can enhance those defenses.
At its core, agentic AI is an autonomous system tasked with an objective, equipped with specific tools and resources. This system is typically powered by large language models (LLMs) with advanced reasoning capabilities. These capabilities allow the agent to plan how to achieve its objective, implement that plan, and, most importantly, verify results and try different approaches if errors occur.
There are four questions an organization must ask when delegating a task to an AI agent:
AI agents can be incredibly powerful and task-oriented, so their actions must be scrutinized independently of intent. An agent may inadvertently destroy or expose data, while still successfully completing its task.
An AI agent needs to adhere to basic cybersecurity and risk management principles. Just as you wouldn’t hand a new employee keys to all the data in your enterprise, AI agent access should be tailored for its specific role. Following good practices like threat modeling and risk management provides a solid foundation for successfully deploying AI agents. The optimal approach is to apply existing organizational roles to AI agents and adjust the data access accordingly. The goal should be to ensure that the exposure from a compromised AI agent is no greater than from a compromised user; this is achievable only through strong access control.
AI agents are not immune to external interference or direct attacks. Agents can search the internet to determine the best actions to achieve their goals. These actions could be manipulated, leading the agent to run a tool with an undesired consequence. At the same time, the act of making queries to the internet can result in information leaks.
When addressing these kinds of issues, it’s important to recognize that LLMs are not deterministic in nature, meaning that the execution of an agent to solve a task may vary each time, even if the task is consistently completed. This means that the traditional allow/deny approach may not be enough to provide the necessary safety and security boundaries. It is crucial to evaluate the potential outcomes of an action before execution — not from the perspective of the task at hand, but from a safety and security standpoint, free from goal-related bias.
This oversight can be performed by a human operator, who authorizes critical steps in task resolution. It can also be provided by a separate model/agent tasked with evaluating the consequences of actions without regard to the overall objective. These evaluations can even be scored, triggering human review if a certain threshold is met. There may also be compliance requirements to track and log the actions agent actions, similar to those required for a user.
Just as no system is 100% secure, no agent is 100% safe, especially given their non-deterministic and try-error reasoning features. However, this is not a new challenge. This is a threat modeling and risk management problem, which organizations have been facing for several years now.
Organizations with mature cybersecurity practices model threat scenarios and prepare for incident response. They conduct business, information security, and cybersecurity risk evaluations for these scenarios and determine how each risk is managed. Using agentic AI should follow the same process: First, model threats based on agent privileges and capabilities, then evaluate the risks, and finally determine how to mitigate them.
Ultimately, we need to apply what we already know to this new context, drawing the appropriate parallels.
Agentic AI is already being used by malicious actors, as seen in cases like VoidLink. Nevertheless, this is just the tip of the iceberg, and defenders should be prepared for much more.
Agentic AI integration with attack frameworks is inevitable, and likely already underway; we just haven’t seen it yet. It may provide malicious operators with capabilities that could outpace defenders unless defenders also leverage agentic AI.
Our tracking of attack frameworks and their evolution provides clues on what the next steps may look like.
The next stage for these attack frameworks could easily be an agent that runs on the backend, awaiting operator requests. These requests might include searching for, compiling, and locally testing exploits for software the operator found on the target system.
But this is just the beginning. The list below illustrates other developments likely to be adopted by malicious operators:
These scenarios can be adapted by defenders to automate threat hunting and response, but all strategies must account for the risks and guardrails discussed earlier.
Cisco Talos Blog – Read More
Industrial giants Siemens, Schneider Electric, Mitsubishi Electric, and Moxa have published new ICS Patch Tuesday advisories.
The post ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Moxa, Mitsubishi Electric appeared first on SecurityWeek.
SecurityWeek – Read More
Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors.
The Rust packages, published to crates.io, are listed below –
chrono_anchor
dnp3times
time_calibrator
time_calibrators
time-sync
The crates, per Socket, impersonate timeapi.io and were published between late February and early March
The Hacker News – Read More
For a change, there’s little in this month’s Patch Tuesday that should cause panic, according to security experts.
darkreading – Read More
The rolling release distro switches to Niri, a scrollable, tiling compositor that’s a lot cooler than you’d think. See why.
Latest news – Read More
Data centers — used by both governments and militaries for operations — are now fair game, not just for cyberattacks, but for kinetic attacks as well.
darkreading – Read More
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing “zero-day” flaws this month (compared to February’s five zero-day treat), but as usual some patches may deserve more rapid attention from organizations using Windows. Here are a few highlights from this month’s Patch Tuesday.
Image: Shutterstock, @nwz.
Two of the bugs Microsoft patched today were publicly disclosed previously. CVE-2026-21262 is a weakness that allows an attacker to elevate their privileges on SQL Server 2016 and later editions.
“This isn’t just any elevation of privilege vulnerability, either; the advisory notes that an authorized attacker can elevate privileges to sysadmin over a network,” Rapid7’s Adam Barnett said. “The CVSS v3 base score of 8.8 is just below the threshold for critical severity, since low-level privileges are required. It would be a courageous defender who shrugged and deferred the patches for this one.”
The other publicly disclosed flaw is CVE-2026-26127, a vulnerability in applications running on .NET. Barnett said the immediate impact of exploitation is likely limited to denial of service by triggering a crash, with the potential for other types of attacks during a service reboot.
It would hardly be a proper Patch Tuesday without at least one critical Microsoft Office exploit, and this month doesn’t disappoint. CVE-2026-26113 and CVE-2026-26110 are both remote code execution flaws that can be triggered just by viewing a booby-trapped message in the Preview Pane.
Satnam Narang at Tenable notes that just over half (55%) of all Patch Tuesday CVEs this month are privilege escalation bugs, and of those, a half dozen were rated “exploitation more likely” — across Windows Graphics Component, Windows Accessibility Infrastructure, Windows Kernel, Windows SMB Server and Winlogon. These include:
–CVE-2026-24291: Incorrect permission assignments within the Windows Accessibility Infrastructure to reach SYSTEM (CVSS 7.8)
–CVE-2026-24294: Improper authentication in the core SMB component (CVSS 7.8)
–CVE-2026-24289: High-severity memory corruption and race condition flaw (CVSS 7.8)
–CVE-2026-25187: Winlogon process weakness discovered by Google Project Zero (CVSS 7.8).
Ben McCarthy, lead cyber security engineer at Immersive, called attention to CVE-2026-21536, a critical remote code execution bug in a component called the Microsoft Devices Pricing Program. Microsoft has already resolved the issue on their end, and fixing it requires no action on the part of Windows users. But McCarthy says it’s notable as one of the first vulnerabilities identified by an AI agent and officially recognized with a CVE attributed to the Windows operating system. It was discovered by XBOW, a fully autonomous AI penetration testing agent.
XBOW has consistently ranked at or near the top of the Hacker One bug bounty leaderboard for the past year. McCarthy said CVE-2026-21536 demonstrates how AI agents can identify critical 9.8-rated vulnerabilities without access to source code.
“Although Microsoft has already patched and mitigated the vulnerability, it highlights a shift toward AI-driven discovery of complex vulnerabilities at increasing speed,” McCarthy said. “This development suggests AI-assisted vulnerability research will play a growing role in the security landscape.”
Microsoft earlier provided patches to address nine browser vulnerabilities, which are not included in the Patch Tuesday count above. In addition, Microsoft issued a crucial out-of-band (emergency) update on March 2 for Windows Server 2022 to address a certificate renewal issue with passwordless authentication technology Windows Hello for Business.
Separately, Adobe shipped updates to fix 80 vulnerabilities — some of them critical in severity — in a variety of products, including Acrobat and Adobe Commerce. Mozilla Firefox v. 148.0.2 resolves three high severity CVEs.
For a complete breakdown of all the patches Microsoft released today, check out the SANS Internet Storm Center’s Patch Tuesday post. Windows enterprise admins who wish to stay abreast of any news about problematic updates, AskWoody.com is always worth a visit. Please feel free to drop a comment below if you experience any issues apply this month’s patches.
Krebs on Security – Read More
This sophisticated investment scam is spread via paid Meta ads and fake news stories. Here’s what to look for.
Latest news – Read More