White House Unveils Offensive Cyber Strategy as Microsoft & Google Patch Actively Exploited Zero-Days
Summary
This week in cybersecurity, the Trump administration announced a major shift in U.S. policy with a new, more aggressive national cyber strategy focused on offensive operations and deregulation. Concurrently, Microsoft and Google scrambled to release emergency patches for multiple zero-day vulnerabilities under active exploitation, including critical flaws in Windows RRAS and the Chrome browser. Threat actors also remained highly active, with state-sponsored groups from China targeting defense contractors and Southeast Asian militaries, while an international takedown disrupted the 'Tycoon 2FA' phishing-as-a-service platform that enabled widespread MFA bypass attacks.
Today's New Articles
Microsoft Rushes Emergency Hotpatch for Critical RCE Flaws in Windows RRAS
Microsoft issued an emergency, out-of-band hotpatch (KB5084597) on March 13, 2026, to address three critical remote code execution (RCE) vulnerabilities in the Windows Routing and Remote Access Service (RRAS). The flaws—CVE-2026-25172, CVE-2026-25173, and...
Chinese Spy Group Targets Southeast Asian Militaries with Custom 'AppleChris' & 'MemFun' Backdoors
A suspected China-based cyber espionage group, tracked as CL-STA-1087, is conducting a long-running intelligence-gathering campaign against military organizations in Southeast Asia. Active since at least 2020, the operation demonstrates high sophistication, us...
Malicious AI Browser Extensions Caught Stealing ChatGPT Prompts and Corporate Data
Security researchers have uncovered a widespread data harvesting campaign involving malicious Chromium browser extensions disguised as helpful AI assistants. These extensions, installed nearly 900,000 times from official browser stores, targeted over 20,000 en...
'SocksEscort' Proxy Botnet Used for Millions in Fraud Dismantled by FBI & Europol
An international law enforcement action named 'Operation Lightning' has dismantled 'SocksEscort,' a massive residential proxy service that facilitated widespread cybercrime. The service operated by infecting hundreds of thousands of home and business routers w...
China's CERT Warns 'OpenClaw' AI Model Can Be Abused to Delete Data, Expose Keys
China's national Computer Emergency Response Team (CERT) has issued a significant security warning about the 'OpenClaw' AI model. According to the alert reported on March 12, 2026, the model can be manipulated to perform dangerous and destructive actions, such...