Tech & Security News

Name: TorrinPass
Rating: 4.8 (50 reviews)
Author: TorrinPass

Curated technology and security news relevant to password management, privacy, and digital security. All stories are from verified, reputable sources.

Last Updated: March 17, 2026

Two Chrome Zero-Days Actively Exploited in the Wild

Source: The Hacker News, Malwarebytes

Google patched two actively exploited high-severity zero-day vulnerabilities (CVE-2026-3909 and another) on March 13, 2026. Both were discovered by Google on March 10. CISA immediately added them to its KEV catalog.

Why It Matters: Chrome zero-days under active exploitation represent an immediate risk to billions of users. Update Chrome now.

Glassworm Supply Chain Attack Returns: 150+ GitHub Repos Compromised

Source: Aikido

The Glassworm supply chain attack resurfaced in March 2026 with a new mass wave targeting over 150 GitHub repositories, npm packages, and VS Code extensions using invisible Unicode malware. Injections date back to March 8, 2026.

Why It Matters: Software supply chain attacks continue to escalate. Developers should audit dependencies and use security scanning tools.

Fake Claude Code Install Pages Spreading Infostealers

Source: Malwarebytes

Attackers are cloning official Claude Code installation pages to distribute infostealer malware targeting both Windows and macOS users. Fake Homebrew install pages and malicious npm packages were also discovered in the same campaign.

Why It Matters: As AI developer tools grow in popularity, they become targets for social engineering. Always verify download URLs and use official sources.

Microsoft March 2026 Patch Tuesday: 8 Critical Vulnerabilities

Source: CrowdStrike, Krebs on Security

Microsoft addressed 82–93 vulnerabilities on March 10, including eight critical bulletins and two publicly disclosed flaws. CVE-2026-26110 and CVE-2026-26113 are critical RCE vulnerabilities in Microsoft Office (CVSS 8.4).

Action Required: Update Windows and Microsoft Office via Settings → Windows Update.

🛡️ Privacy & Data Breach News

Conduent Breach: One of the Largest in U.S. History

Source: Mashable, HIPAA Journal, Malwarebytes

The Conduent Business Services data breach has grown to affect up to 25 million individuals, making it one of the largest breaches in U.S. history. The Texas Attorney General is investigating, with approximately 4 million Texans affected. Blue Cross Blue Shield is among the entities impacted.

TorrinPass Protection: Use TorrinPass’s breach detection to check if your credentials are compromised. Change affected passwords immediately.

CISA Expands Known Exploited Vulnerabilities Catalog

Source: CISA (Mar 3), CISA (Mar 11)

CISA added vulnerabilities on March 3, March 11, and March 13, 2026 — including both Chrome zero-days. The KEV Catalog continues to be the authoritative list of actively exploited flaws.

Apple Backports Critical Security Fixes to Older Devices

Source: The Hacker News, TidBITS

Apple released iOS 26.3.1 on March 10, then on March 12 backported critical WebKit fixes (“Coruna” exploits) to older iOS and iPadOS versions. These vulnerabilities were actively exploited in the wild and had not been previously patched on older devices.

Action Required: Update all Apple devices — including older iPhones and iPads on previous iOS versions.

🤖 AI & Security Trends

Cyber Fraud Surpasses Ransomware as Top Threat

Source: Infosecurity Magazine

According to the World Economic Forum’s latest cybersecurity report, cyber fraud has dethroned ransomware as the most financially damaging cyber threat in 2026. Fraud schemes are increasingly AI-powered, using deepfakes and social engineering at scale.

Why It Matters: Strong, unique passwords and 2FA are critical defenses against account takeover fraud. Use TorrinPass to protect every account.

CISA Launches CIRCIA Cyber Incident Reporting for Critical Infrastructure

Source: CISA

CISA is holding public listening sessions throughout March 2026 for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), which will require critical infrastructure operators to report cyber incidents within specific timeframes.

Why It Matters: Mandatory incident reporting will improve threat intelligence sharing and help the broader cybersecurity community respond faster.

📱 Password & Authentication News

Passkeys Continue Mainstream Adoption

Passkeys are seeing accelerated adoption in 2026 across major platforms:

✅ Apple (iOS 26, macOS, Safari)
✅ Google (Android, Chrome)
✅ Microsoft (Windows, Edge)

TorrinPass Tip: While passkeys are promising, passwords remain essential for the vast majority of services. Use TorrinPass to generate and store strong, unique passwords for every account.

Qualcomm Android Zero-Day Patched

Source: SOC Prime

Google’s March 2026 Android security bulletin addressed CVE-2026-21385, a high-severity zero-day in a Qualcomm Graphics subcomponent exploited in targeted attacks.

Action Required: Update Android devices to the latest security patch level.

📰 Trusted Sources

We curate news from these verified publications:

Source	Focus	Link
Hacker News	Tech community	news.ycombinator.com
The Hacker News	Cybersecurity	thehackernews.com
NIST	Standards	nist.gov
ISACA	Industry trends	isaca.org
IAPP	Privacy	iapp.org
Ars Technica	Tech news	arstechnica.com

💬 Join the Discussion

Have a security story to share? Contact us with tips or feedback.

🔐 Stay Secure with TorrinPass

Protect yourself against emerging threats:

Strong passwords — Generate unique passwords for every account
Built-in 2FA — Extra security layer without extra apps
Breach detection — Know if your passwords are compromised
Zero-knowledge — Your data stays private, always

Download TorrinPass