Paper Trail

Ransomware victims are up 389% year-over-year and the time attackers need to exploit a new vulnerability has collapsed to hours. At the same time, 71% of security professionals received no salary increase last year and nearly half are actively job hunting.

Supply chain attacks, overpermissioned integrations, and AI cutting both ways – this week's threats are coming from inside the tools, not outside the walls.

NIST has changed the vulnerability management social contract – limiting enrichment from newly reported CVEs just as adversaries are weaponizing them in hours. This week: Microsoft's largest Patch Tuesday of 2026, AI coding agents hijacked via GitHub comments, a COPPA compliance deadline in four days, and critical patches for Adobe Acrobat, Apache ActiveMQ, and PHP Composer.

From critical RCEs in F5 devices and a high-profile Axios supply chain hit to the default permission risks lurking in Vertex AI, we break down the week’s most vital security shifts. Furthermore, what you need to do before the April 15 NYDFS deadline.

Adversary hand-off times collapse to mere seconds, a massive multi-ecosystem supply chain attack hits the LiteLLM AI framework, deepfake wire fraud scales, and critical patches drop for Citrix and legacy Apple devices.

Speed is the defining theme this year as the "Zero Day Clock" shrinks the window for defenders to a mere 1.3 days. From INTERPOL’s staggering report on AI-enhanced fraud to critical RCEs in Langflow and Cisco, the velocity of the threat landscape is reaching a fever pitch. We also dive into the Navia Benefit Solutions breach and the tightening web of multi-state compliance that is redefining incident response in 2026.

Adversaries are increasingly walking in through the front door – 3.3 billion stolen credentials and cloud tokens prove it. This week also brings likely AI-authored malware, compromised browser extensions, 14,000 infected routers powering a shadow proxy network, and regulatory movement on both consumer privacy and AI data practices.

It’s a Paper Trail for the week ending in March 7, 2026, and we’ll cover what happened last week in the Information Security space.

A critical Cisco SD-WAN authentication bypass has been silently exploited since 2023, a breach at ManoMano sheds light on risk management requirements with third-party partnerships, and AI-generated exploit code is accelerating vulnerability weaponization at scale.

Last week's headlines were dominated by a ransomware attack that shut down all 35 University of Mississippi Medical Center clinics and a billion-record data exposure at a KYC provider – but the deeper story is AI reshaping the threat landscape on both sides. From a 72-minute recon-to-exploit attack to Android malware leveraging Google Gemini for dynamic persistence, threat actors are moving faster while enterprise AI agents open new attack surfaces that traditional defenses weren't built for.

Attackers are weaponizing vulnerabilities within hours of disclosure. From Microsoft's six zero-days to cloud-native malware and 287 malicious Chrome extensions, here's what security teams need to know this week.