Skip to main content

March 10 2026: What's going on this week

·710 words·4 mins
Author
Shane Blaufuss, CISSP

Five stories worth your attention this week.


APT28 revives decade-old malware toolkit to surveil Ukrainian military ESET published research today on a sustained APT28 espionage campaign using paired implants BEARDSHELL and a heavily modified COVENANT framework. COVENANT’s official development was abandoned in 2021, which is exactly why defenders stopped looking for it. COVENANT’s C2 has rotated through multiple cloud storage providers over the years (pCloud, then Koofr, now Filen), a deliberate operational security practice that complicates detection. Code analysis traces both back to APT28 tools from 2010, pointing to continuity of the same developer team across fifteen years of operations.

  • What to watch: If you’re in defense, logistics, or government contracting, this tradecraft has a history of moving west. Detection rules built around “known” Covenant behavior will likely miss APT28’s custom variant.
  • Sources: ESET / The Hacker News | The Record | Security Affairs

Cisco SD-WAN zero-day exploited since 2023 — CISA Emergency Directive active CVE-2026-20127 (CVSS 10.0) lets an unauthenticated remote attacker gain admin access to Cisco Catalyst SD-WAN Controller and Manager. Cisco Talos attributes active exploitation to a threat actor tracked as UAT-8616, with evidence the zero-day was being used at least three years before the CVE was assigned. CISA Emergency Directive 26-03 required federal agencies to inventory and patch by February 27, with a final deadline of March 12 to report hardening actions to CISA.

  • What to watch: Patching is necessary but not sufficient here. The post-exploitation chain involves deliberate software version downgrades specifically to avoid detection. Hunt for rogue peer additions and anomalous NETCONF activity, and treat this as a potential breach scenario if you’re running affected hardware.
  • Sources: CISA ED 26-03 | Cisco Talos | The Hacker News

Indirect prompt injection observed in the wild — AI agents as attack surface Palo Alto Networks Unit 42 documented the first confirmed in-the-wild cases of web-based indirect prompt injection attacks, including the first observed case of AI-based ad review evasion. Hidden instructions embedded in web content are redirecting AI agent behavior without any user awareness.

  • What to watch: Any AI agent with broad data access and the ability to make external requests is a privileged identity in your environment. Apply the same least-privilege discipline you would to a service account.
  • Sources: Unit 42 / Palo Alto Networks | OWASP LLM Top 10

📋 Resource Spotlight: OWASP LLM Top 10 If you’re not already familiar with it, the OWASP Top 10 for Large Language Model Applications is worth bookmarking. Modeled after the long-established OWASP Web Application Top 10, it catalogs the ten most critical security risks specific to LLM-integrated systems: prompt injection, insecure output handling, supply chain vulnerabilities, excessive agency, and more. The 2025/2026 revision puts indirect prompt injection at the top of the list for agentic systems. If your organization is deploying any AI tooling, this is the framework your security team should be working from.


CISA’s leadership vacuum is a systemic risk, not just a policy story CISA’s director nominee was escorted out of Coast Guard HQ last week. The agency has gone over a year without a Senate-confirmed director, has shed more than 30% of its workforce, and has seen key public-private coordination mechanisms disbanded with no replacement in sight.

  • What to watch: Smaller critical infrastructure operators — water utilities, regional manufacturers, under-resourced healthcare systems — depend on CISA alerts as a primary early warning system. That pipeline is degraded right now. If your threat intelligence strategy leans heavily on CISA, it’s time to build in some redundancy.
  • Sources: CBS News | Cybersecurity Dive | Federal News Network

Android chipset-level vulnerability actively exploited — your MDM won’t catch it Google’s March 2026 Android Security Bulletin patched 129 vulnerabilities including CVE-2026-21385, an actively exploited integer overflow in a Qualcomm graphics component that affects 234 chipsets. Standard MDM controls live above the firmware layer and simply don’t reach this.

  • What to watch: BYOD environments and organizations without enforced mobile patch SLAs are carrying exposure they probably haven’t quantified. This is a board-level conversation, not just an IT one.
  • Sources: Google Android Security Bulletin | DIESEC

Shane Blaufuss, CISSP is the founder of Greymantle Risk Advisory, where he helps executives build and lead security programs that actually work. See something here that hits close to home? Let’s talk.