Executive Summary: Critical Infrastructure Targets
South Africa's threat landscape remains under pressure from financially motivated criminal networks. This week is dominated by critical vulnerabilities in Cisco security infrastructure, active zero-day exploitation in web browsers, and a significant regulatory focus on POPIA health data compliance.
Key Insight: The detection of CVSS 10.0 vulnerabilities in Cisco Secure FMC represents a high-risk scenario for South African enterprises utilizing these platforms for central security management.
Interactive Technical Brief
Navigate the full Week 11 report below for deep dives into ransomware trends, OSINT exposure, and the March 2026 Patch Tuesday analysis.
Critical Vulnerabilities (CISA KEV & Zero-Days)
- Cisco Secure FMC (CVE-2026-20079 & 20131): CVSS 10.0. Authentication bypass to root and RCE via Java deserialization.
- Google Chrome (CVE-2026-3909 & 3910): Two zero-days in Skia and V8 components being exploited in the wild.
- Microsoft Patch Tuesday: 84 total flaws addressed, including critical RCE vulnerabilities in Windows and Office components.
- FortiClient EMS (CVE-2026-21643): CVSS 9.8 SQL injection allowing pre-authentication remote execution.
Regulatory Update: POPIA Health Data
The Information Regulator (IR) has released its 2026/27 Annual Performance Plan, indicating a pivot toward stricter enforcement. This aligns with newly issued POPIA health data regulations, following global trends where misconfigured servers have exposed millions of sensitive medical records.
Weekly Strategic Recommendations
- Emergency Patching: Prioritize Cisco Secure FMC and FortiClient EMS updates immediately.
- Browser Security: Force update Google Chrome to version 122.0.6261.128 or later.
- Compliance Audit: Review health information processing against the new March 2026 IR guidelines.
- Credential Hygiene: Monitor for leaked credentials following the "Mother of All Breaches" (MOAB) data re-circulation.