Major Cyber Attacks in March 2026: OAuth Phishing, SVG Smuggling, Magecart, and More 

**Executive summary:** March 2026 saw multiple active and varied cyber campaigns — ranging from OAuth device-code phishing (token abuse) and macOS stealer/backdoor operations to registry-stored DLL stagers deploying RATs, SVG-smuggling phishing, long-running Magecart payment skimming, a resilient multi-vector DDoS botnet (Kamasers), and a fast-spreading infostealer (MicroStealer) — impacting organizations across government, finance, healthcare, technology, education, manufacturing, and energy and accompanied by observable IOCs and sandbox behavioral indicators.