March 2026

Cyber Threat Intelligence Report

The Threat Landscape Is Accelerating. Are You Keeping Up?​

Download the March 2026 Monthly Cyber Threat Intelligence Report, an essential briefing on the attacks, vulnerabilities, and adversaries shaping today's security environment.​

This month's report covers the full spectrum of cyber threats, from high-profile breaches making headlines to the malware quietly spreading through your supply chain. Our CyOps research team breaks it all down so your team can act early to strengthen your overall security posture.​

 

This month’s report covers:

Emerging Ransomware Operations

  • Vect Ransomware and its double-extortion leak infrastructure built on a RaaS affiliate model
  • Ransomware-as-a-Service activity tied to the emerging Reynolds operation using BYOVD techniques
  • March ransomware activity trends across groups such as Qilin, Akira, Nightspire, DragonForce, and LockBit5

Active Malware & Infostealer Campaigns

  • WhoUser Stealer harvesting browser credentials, Discord tokens, and credit card data via Telegram and Discord exfiltration
  • GuLoader-based phishing campaign targeting EMEA medical organizations deploying Phantom Stealer v3.5.0
  • Supply-chain attack on Trivy vulnerability scanner delivering credential-stealing malware via trojanized binaries

Critical Vulnerabilities & Exploits

  • CVE-2026-3055: a critical out-of-bounds read actively exploited in Citrix NetScaler appliances configured as Identity Providers
  • CVE-2026-20131 (CVSS 10.0): unauthenticated remote code execution in Cisco Secure Firewall Management Center
  • Authentication bypass and remote code execution vulnerabilities affecting Langflow, ScreenConnect, Spring AI, and Zoom Workplace

Powered by Cynet CyOps Threat Intelligence

This report is produced by Cynet’s CyOps Threat Intelligence Team, combining decades of combined expertise and continuous threat research, real-world telemetry, and hands-on incident response experience to deliver intelligence that is timely, relevant, and designed for action.

Looking for more in-depth Threat Intel?

Cynet partners and customers receive exclusive access to CTI Reports before they are made available for public download. Learn more about CyOps MDR to unlock the advantage of ongoing threat intel and real-time response.​

 

Backed by the industry, loved by customers.

Outstanding results in 2025 Mitre ATT&CK Evaluations

100% Detection Visibility

100% Technique-Level Coverage

100% Protection

Learn More

Top-tier performance according to our users

98% score for Real-Time Detection

97% score for 24/7 support

97% score for Automated Remediation

Learn More

Recommended by 95%

Overall 4.8/5 Rating

Product capabilities 4.8/5 Rating

Ease of deployment 4.8/5 Rating

Learn More