- The FBI disclosed suspicious cyber activity on an internal network tied to surveillance data, and investigators reportedly suspect China.
This stands out because it touches a sensitive U.S. federal system; the FBI described the techniques as sophisticated, and Reuters reported the targeted system held information related to domestic surveillance orders.
- The Iran conflict spilled into cyberspace, with attacks on Iranian digital infrastructure and growing warnings about retaliation.
Reuters reported hacks against Iranian sites and the BadeSaba app during the opening phase of the strikes, while U.S. banks moved to heightened alert for possible Iran-linked cyber activity, and Europol warned of a broader rise in cyberattacks tied to the crisis.
- Cisco warned that multiple vulnerabilities in Catalyst SD-WAN are being actively exploited in the wild.
That matters because SD-WAN gear sits deep in enterprise networks, and Cisco said newly patched flaws were under active exploitation, with one earlier bug chain allowing attackers to bypass authentication, escalate privileges, and establish persistence.
- TriZetto’s healthcare-data breach disclosure grew into a major story because of the scale and sensitivity of the exposed data.
BleepingComputer reported that more than 3.43 million people were affected, with exposed data potentially including names, addresses, birth dates, Social Security numbers, Medicare identifiers, and insurance information.
- International authorities dismantled the Tycoon 2FA phishing platform.
This was a big defensive story: Europol-linked action seized 330 domains, and The Record reported the service had targeted more than 500,000 organizations worldwide, including hospitals and schools, while helping criminals bypass MFA protections in real time.
Closest call / honorable mention: LexisNexis confirmed a breach after a threat actor leaked data allegedly taken from a limited number of servers containing mostly legacy data from before 2020. It did not make my top five only because the company said the matter was contained and there was no evidence of impact to products and services.
At Commonwealth Sentinel, we stay focused on cyber security so you can focus on other things. Contact us today or sign up for a free consultation.
