11.03.2026

Krebs Security 11.03.2026 00:32
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this month (compared to February's five zero-day treat), but as usual some patches may deserve more rapid attention from organizations using Windows. Here are a few highlights from this month's Patch Tuesday.

CSO Online 10.03.2026 23:36
Three high severity holes in Microsoft’s Office suite headline the 78 issues listed in the March Patch Tuesday releases, which, grateful CSOs will notice, contain no surprise zero day vulnerabilities.
Still, Jack Bicer, director of vulnerability research at Action1, says these Office-related flaws should be treated “with urgency.”

The Hacker News 10.03.2026 13:20
Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and exfiltrate sensitive data within organizations' Google Cloud environments.
The shortcomings have been collectively named LeakyLooker by Tenable. There is no evidence that the vulnerabilities were exploited in

Heise Security 10.03.2026 11:56
Immer noch gibt es neue Berichte von Phishing-Nachrichten kurz nach Buchung bei Best Western Hotels. Ursache seien anhaltende Cyberangriffe.

CSO Online 10.03.2026 10:00
When I first secured a production line, part of the control system was still running on an unpatched Windows XP machine tucked under a lab table — right next to the state-of-the-art GMP manufacturing setup that produced millions in value every day. Everyone knew that the system was a risk, but no one was willing to touch it as long as it “still worked.” That mix of technical debt, operational pressure and regulatory risk makes legacy operational technology (OT) today a time bomb — especially in energy and pharma.
We have modern attackers, but outdated systems

Heise Security 10.03.2026 08:12
Im März behandelt SAP in 15 Sicherheitsmitteilungen teils kritische Sicherheitslücken in diversen Produkten. Admins müssen handeln.