Security Signals (3/10/24-3/24/26)

A multi-vendor threat roundup summarizing numerous active cyber incidents and research from March 2026, including phishing campaigns using IPv6 tricks, macOS and Windows infostealers and RATs (Remcos, Scarface, PureLog, VoidStealer), ransomware and AI-assisted campaigns (Interlock, GIBCrypto, LeakNet, Slopoly), supply-chain compromises affecting CI/CD and package ecosystems (Trivy, TeamPCP, CanisterWorm), APT activity (MuddyWater, Boggy Serpens), and infrastructure for large-scale data exfiltration and skimming. The collection highlights evolving TTPs, fileless and multi-stage loaders, malicious browser extensions, social engineering vectors (fake ChatGPT, Telegram, Teams), and active abusive infrastructures targeting diverse platforms and ecosystems.