Malware Dominates Early March 2026 Cyber Attacks, Phishing Rises, ICT & Fintech Sectors Targeted
What Happened – In the first half of March 2026, 95 cyber events were recorded (≈6.3 events/day). Malware accounted for 47 % of incidents, overtaking account takeovers (16 %) and ransomware (8 %). Phishing was the leading initial‑access technique at 14 %, while supply‑chain compromises fell to 9 %. The most‑hit sectors were Information & Communication (16 %), Public Administration (14 %) and Fintech (9 %).
Why It Matters for TPRM –
- Malware and phishing spikes increase the likelihood of credential theft and ransomware propagation through third‑party networks.
- ICT, public‑sector and fintech vendors are experiencing heightened targeting, raising supply‑chain risk.
- Declining supply‑chain compromises do not eliminate the need for continuous third‑party vetting.
Who Is Affected – Information & Communication services, Public Administration bodies, Fintech firms, and any downstream customers relying on these providers.
Recommended Actions – Review and harden phishing‑resistance controls with vendors, validate malware detection capabilities, reassess supply‑chain risk assessments, and monitor sector‑specific threat feeds for emerging tactics.
Technical Notes – Aggregate timeline; no specific CVEs or malware families disclosed. Attack vectors are primarily phishing and generic malware delivery. Source: Hackmageddon – 1‑15 March 2026 Cyber Attacks Timeline