Threat Intelligence: March 23, 2026
Start your week with a fresh dose of the latest cybersecurity news, trends, and potential threats that can impact you and our industry.
Check out what’s trending below, tune into the top incidents this week in the podcast above, and scroll down for helpful cybersecurity resources you can bookmark.
Social engineering is a dominant initial access vector. Attackers are increasingly relying on user interaction, like phishing, fake prompts, and malicious instructions, to bypass technical controls and gain execution within trusted environments. This reduces dependence on exploits and allows attackers to scale campaigns across organizations regardless of patching posture.
Geopolitical events are consistently being weaponized for cyber operations. Breaking news and regional conflicts are rapidly incorporated into lures for espionage, fraud, and malware delivery. This creates a dual threat landscape where both nation-state and financially motivated actors exploit the same narratives to target victims at scale.
Supply chain and shared platform risk continues to expand. Attackers are prioritizing widely used ecosystems, such as open-source repositories, SaaS platforms, and third-party vendors, to achieve broad, downstream impact. Misconfigurations and trust relationships are increasingly being exploited instead of platform vulnerabilities.
Identity-based attacks are outpacing traditional perimeter threats. Credential theft, account takeover, and abuse of legitimate access are key drivers of breaches, often enabled through phishing or third-party compromise. These attacks frequently evade detection by blending in with normal user activity.
Critical infrastructure and high-impact industries remain priority targets. Sectors where disruption has immediate operational or safety consequences, such as healthcare and regulated systems, continue to face disproportionate targeting, increasing both financial and societal risk.
Cybercrime infrastructure remains globally distributed and resilient. Despite coordinated takedown efforts, the scale and decentralization of malicious infrastructure enable rapid reconstitution, allowing phishing, malware distribution, and scam operations to persist with minimal disruption.
To learn more about these trends and other important cyber events in the past week, check out the full report below.
Find this helpful? Share this report with others.
Have questions or comments? Reach out to the team.
Resources:
Check out our Cyber Threat Index, a monthly aggregation of trends and threats around the globe.
Our Cyber Threat Attack Map tracks the top attacks of the day.
Read our blogs to learn more about our cutting-edge research.
Learn more about who we are here.