State of (in)security - Week 10, 2026
Take action: Update your Comet browser, or even better, wipe it from your system. It's too dangerous. Treat AI agents as untrusted insiders and manually restrict their access to sensitive websites or local files. Always enable 'ask before filling' in your password manager to prevent agents from accessing credentials without your explicit consent. Treat AI documentation feeds as executable code and never assume a tool is safe just because it has high GitHub stars. Limit your AI assistant's file system permissions and verify the source of all instructions delivered through MCP servers.
In the week from March 2, 2026, midnight to March 9, 2026, midnight, we witnessed a total of:
- 15 advisory/vulnerability events
- 17 incident/data breach events
Week over week comparison of week 10 2026 vs week 9 2026:
- Advisories are down and incidents are up. Advisories are down from 21 in week 9 2026 to 15 in week 10 2026. Incidents are up from 15 in week 9 2026 to 17 in week 10 2026.
- The number of known impacted individuals is down - from 53 million in week 9 2026 to 473 thousand in week 10 2026.
We also shared 5 practical knowledge items.
Total impacted individuals via the events of the week
There were a total of 473,964 impacted individuals across 3 incidents, with the largest breach being the LexisNexis Confirms AWS Cloud Breach Caused by React Vulnerability Exploit incident exposing 400,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Government | 4 |
| Consulting/Professional Services | 2 |
| Education | 2 |
| Finance | 2 |
| Healthcare | 2 |
| IT/Software/Technology | 2 |
| Construction/Realestate | 2 |
| Manufacturing | 1 |
Knowledge
- active exploit | CISA Reports Active Exploitation of VMware Aria Operations
- active exploit | Cisco Patches Actively Exploited Vulnerabilities in Catalyst SD-WAN Manager
- active exploit | Critical Privilege Escalation Vulnerability Reported in WordPress User Registration Plugin
- active exploit | Mailpit SSRF Vulnerability Exploited in Targeted Attacks
- active exploit | Over 900 Sangoma FreePBX Instances Compromised via Command Injection Flaw
Vulnerabilities
- critical vulnerability | AI Agent Vulnerabilities Enable Hijacking in Perplexity Comet Browser
- critical vulnerability | CISA warns of multiple vulnerabilities in ePower EV charging stations
- critical vulnerability | Cisco Issues Emergency Patches for Critical Root-Level Firewall Management Flaws
- critical vulnerability | ContextCrush Flaw Exposes AI Development Tools to Attacks
- critical vulnerability | Critical Authentication Bypass in pac4j-jwt Library Allows Full User Impersonation
- critical vulnerability | Critical MS-Agent Vulnerability Allows Full System Takeover via AI Prompt Injection
- critical vulnerability | Critical RCE and SSRF Vulnerabilities Discovered in Popular mcp-atlassian Server
- critical vulnerability | Critical Unauthenticated RCE Vulnerability in IceWarp Leaves 1,200 Servers Exposed
- critical vulnerability | Critical Zero-Click Command Injection in AVideo Platform Allows Stream Hijacking
- critical vulnerability | Google Android March 2026 Security Bulletin Patches 129 Vulnerabilities, One Actively Exploited Qualcomm Flaw
- critical vulnerability | Google Issues Emergency Chrome Update to Patch 10 Security Vulnerabilities
- critical vulnerability | HPE Reports Flaw in AutoPass License Server Enabling Authentication Bypass
- critical vulnerability | IBM Patches Critical Remote Code Execution Flaws in QRadar SIEM
- critical vulnerability | Multiple Flaws Reported in Mobiliti EV Charging Infrastructure
- critical vulnerability | OneUptime Patches Critical Command Injection Vulnerability in Probe Servers
Incidents
- data breach | Cloud Imperium Games Reports Data Breach Affecting Star Citizen User Accounts
- data breach | Tieu Dental Corporation Data Breach
- data breach | LexisNexis Confirms AWS Cloud Breach Caused by React Vulnerability Exploit
- data breach | L&S Mechanical Ransomware Attack Exposes Data of Over 5,000 Texas Residents
- data breach | DeKalb County Indiana Reports Month-Long Network Data Breach
- data breach | Figure Lending Corp Reports Data Breach
- data breach | Maritz Holdings Reports Data Breach Linked to Oracle EBS Exploitation
- data breach | Hacker claims breach at Colombia's Tax Authority DIAN, alleges theft of 18 million records
- data breach | The College of Health Care Professions Data Breach Affects Nearly 69,000 Individuals
- data breach | FBI Servers Compromised in Targeted Breach of Surveillance Management Systems
- data breach | Frankel Loughran Starr & Vallone LLP Data Breach Investigation
- ransomware | Passaic County Government IT Systems and Phone Lines Crippled by Malware Attack
- ransomware | Denmark School District Hit by Weeklong Outage Following Incident Claimed by INC Ransom
- ransomware | AkzoNobel U.S. Facility Targeted in Anubis Ransomware Attack
- ransomware | PIH Health Ransomware Attack and Data Breach
- ransomware | Pyramid ETC Companies Reports Data Breach
- ransomware | US Mortgage Corporation Ransomware Attack Exposes Financial and Personal Data