CyberSecurity Knuggets

Mar 12, 2026

Email 1: Risky Bulletin: Gen. Joshua Rudd confirmed as next CyberCom and NSA head

– The US Senate confirmed Army Lt. Gen. Joshua M. Rudd as the leader of US Cyber Command and the NSA in a 71-29 vote.

– Rudd replaces Lt. Gen. William Hartman, who served as interim chief.

– Both agencies had been without permanent leaders since April 2025.

– Rudd previously served as deputy chief of US Indo-Pacific Command.

– Some opponents cited his limited cybersecurity expertise as a concern.

– Cyber Command has been active in military conflicts with operations disrupting enemy systems.

– Additional news includes US plans for an inter-agency cyber cell, the UK’s new Online Crime Centre, new malware campaigns, and ongoing software vulnerabilities patched by vendors.

Email 2: DOGE engineer stole hundreds of millions of US taxpayers’ data, whistleblowers

– A whistleblower complaint alleges a former DOGE software engineer accessed and intended to share sensitive Social Security databases containing info on over 500 million Americans.

– The Social Security Administration’s inspector general has opened an inquiry and shared findings with the Government Accountability Office.

– The databases include personal details such as Social Security numbers, birth details, citizenship, race, ethnicity, and parents’ names.

– The engineer reportedly moved from the agency to a government contractor and planned to “sanitize” the data before transferring.

– The complaint does not confirm any data transfer occurred.

– The Social Security Administration and the contractor deny the claims; prior internal reviews found no substantiation.

– Broader concerns exist about privacy during the Trump administration’s DOGE initiative.

– Meta announced new scam detection protections amid an international crackdown on fraud rings.

– China restricted OpenClaw AI apps on government devices due to security concerns.

– The FBI’s New York Field Office suffered a breach in 2023 in which hackers accessed Epstein case files.

– Quittr app exposed sensitive data of hundreds of thousands through a security flaw.

– Microsoft released the March 2026 Patch Tuesday addressing 79 vulnerabilities including two zero-days.

– Other reports include breach investigations, cybercrime lawsuits, malware campaigns (e.g., BeatBanker Android banking trojan), and new partnerships, funding rounds for cybersecurity startups, and acquisitions.

Email 3: US Senate confirms Gen. Joshua Rudd as head of NSA and Cyber Command | The CyberWire 3.11.26

– The US Senate confirmed Gen. Joshua Rudd as head of US Cyber Command and the NSA with a 71-29 vote.

– He replaces Lt. Gen. William Hartman, who served since April 2025.

– Rudd has a long military career, most recently deputy director of US Indo-Pacific Command.

– There is debate on his limited cybersecurity background, with Senator Ron Wyden expressing concerns.

– Microsoft’s Patch Tuesday updates included fixes for 83 vulnerabilities, including two publicly disclosed zero-days not currently exploited in the wild.

– Fortinet, Ivanti, Intel, Siemens, Schneider Electric, Mitsubishi Electric, and Moxa also released security patches.

– State and local governments are advised to prepare for potential cyber fallout due to the US-Iran conflict.

– Armadin, an AI-powered red teaming startup, launched with $190 million in funding led by Accel and other investors.

Email 4: Stryker Crippled by Iran-Linked Hacker Attacks

– Iranian-linked hacking activities severely impacted medical products maker Stryker.

– ‘BlackSanta’ malware was used in attacks; it disables endpoint detection and antivirus before detonating its payload.

– The Senate confirmed Joshua Rudd to lead NSA and US Cyber Command.

– OpenAI to acquire an AI security startup.

– Patch Tuesday for industrial control systems (ICS) saw vulnerabilities fixed by Siemens, Schneider, Moxa, and Mitsubishi Electric.

– Other business news: acquisition of Wiz by Google Cloud, funding for cybersecurity startups including Jazz and Quantro Security.

– Reports of data breaches at Michelin and Bell Ambulance.

– Emerging cyber threats include new Salesforce customer breaches.

– Microsoft patched 83 vulnerabilities in its latest update.

– Featured expert insights on vulnerability management and risks from SIM swap attacks.

– Upcoming webinars and security conference information provided.

Stay Well!
