March 16, 2026 Emerging Threats Weekly
This week’s briefing covers: Dive deeper.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Top 10 Identity and Access Management (IAM) Vendors of 2026
We log into tons of apps each day, running on digital identities. With just one click, you can access thousands of apps without breaking a sweat. However, digital identities bring with them cyber threats, which are growing sharper each day, and compliance is getting tighter. So, who is the right person to trust to safeguard your digital identities? As organizations, you collect, store, analyze, and process sensitive data, which needs to be safeguarded with the right tech and tools.
Glassworm Strikes Popular React Native Phone Number Packages
On March 16, 2026, two React Native npm packages from the AstrOOnauta were backdoored in a coordinated supply chain attack. Both releases added an identical install-time loader that fetches and executes a multi-stage Windows credential and crypto stealer, triggered by nothing more than a routine npm install. The affected packages are react-native-country-select@0.3.91 and react-native-international-phone-number@0.11.8.
See through document fraud with Document AI Enhanced Fraud Detection
On April 2, 1796, a full house packed the Drury Lane Theatre in London, eager to witness the first showing of a newly discovered Shakespeare play. The problem was that William Henry Ireland wrote the play, Vortigern, and the entire production was a hoax. Although there was some controversy before opening day, several experts reviewed the manuscript and supporting documents and confirmed that the play was a long-lost Shakespeare original.
The 10 Types of Insider Threats Every Security Team Needs to Know
Insider threats account for 34% of all data breaches, yet most organizations are still building security programs designed to stop attackers from the outside. The harder truth? The risk is already inside your walls, and it doesn't always look like a criminal. Not every insider threat is malicious. Some are distracted. Some are overworked. Some are just trying to get things done faster.
Code Review That Learns: Inside Cato R&D's Self-Evolving PR Review Agent
Agentic AI promises to improve work processes in all domains and industries. R&D is no different. Recently, Cato R&D built an internal self-evolving pull request (PR) review agent that keeps reviewers in flow by commenting only on high-impact, high-confidence issues, validating every change against its spec from the PR and Jira, and learning continuously from developer feedback through long-term, episodic memory. What were the results?
Identity Enrichment with the Falcon Browser Extension and Next-Gen Identity Security
Falcon Next-Gen Identity Security enriches cloud authentication with verified endpoint context using the Falcon sensor and Browser Extension. Watch the demo to see how CrowdStrike eliminates blind spots between endpoint and cloud to accelerate investigations and stop identity-based attacks.
DORA's Penetration Testing Requirement
Why does continuous testing matter for the Digital Operational Resilience Act (DORA) compliance? Explore how Articles 6, 9, 10, 13, and 16 reinforce the need for continuous testing.
Stryker's Network Disruption - The 443 Podcast - Episode 362
This week on the podcast, we cover the cyber attack that managed to wipe more than 200,000 resources off of the medical technology giant Syryker's network. After that, we review a research post on a good chrome extension gone bad. We end by discussing a recent Microsoft threat intelligence post on how North Korean-backed threat actors have operationalize AI for job scams.
Automation vs. Augmentation: What AI Means for Your Team
AI is everywhere in cybersecurity. For partners, the real question is not about the technology. It is about your people. Is AI replacing analysts, or making them more effective? In this session, we break down the differences between automation and augmentation and why they matter for MSPs delivering security services. Automation removes repetitive SOC work such as triage, enrichment, and basic containment. Augmentation strengthens human experts with faster investigation, clearer attack mapping, and smarter response decisions.