• Last modified: April 14, 2026

Top Motivations - March H2 2026

Top Attack Techniques - March H2 2025

Top Initial Access Techniques - March H2 2026

Top Targeted Sectors - March H2 2026

The second half of March 2026 has been very active from an infosec standpoint, with 124 events (8.27 events/day) and a threat landscape dominated by malware with 40%, (it was 47% in the first half of March), once again ahead of account takeovers (up to 22% from 16%) and ransomware (slightly  up to 9% from 8%), confirming the same positions of March H1.

As always, cyber crime led the motivations chart with 65%, slightly up from the previous timeline, when it was 63%; and once again ahead of cyber espionage slightly down at 15% from 16%, followed by Hacktivism, yet another fortnight fueled by the events in the Middle East, with 7%, from 5% of the first fortnight of March, whilst Cyber warfare closes the chart, once again with 3%.

In the second half or March, the initial access techniques saw social engineering on top with 19% (up from 13%), the same value of phishing, which was 14% in the previous timeline. Once again the third place is for supply chain compromises at 10%, slightly up from 9%.

And in this timeline, targets belonging to Public Administration sector took the lead of the Top Targeted Sectors chart with 22% (it was 14%), ahead of Information and Communication down at number two with 20%, (it was 16%), and generic operations against Individuals, which close the podium far with 6%.

Besides these trends, this timeline in particular is rich of interesting events, such as additional mega breaches , so my final suggestion does not change: browse the timeline for the details of all the events collected in this fortnight.

As always bear in mind that the sample refers exclusively to the attacks included in my timelines, available from public sources such as blogs and news sites. Obviously the sample cannot be complete, but only aims to provide an high level overview of the threat landscape.

BE NOTIFIED OF NEW BLOG POSTS: SUSCRIBE!

SUPPORT MY WORK, MAKE A DONATION!

• 16-31 March 2025 Cyber Attacks Timeline
  

  The second half of March 2026 has been very active from an infosec standpoint, with 124 events and a threat landscape dominated by malware. As always, cyber crime led the motivations chart with 65%, slightly up from the previous timeline.

• 1-15 March 2026 Cyber Attacks Timeline
  

  In the first half of March 2026 I collected 95 events (6.34 events/day) with a threat landscape dominated by malware once ahead of account takeovers and ransomware.

• Malicious Campaigns Using AI-generated Malware in 2026
  

  In this blog post I am collecting the campaigns that show evidence of being AI-generated, or make use of AI tools to increase their impact. As always I will continue to update the list as soon as new campaigns emerge.

• February 2026 Cyber Attacks Statistics
  

  After the cyber attacks timelines, it’s time to publish the statistics for February 2026 where I collected and analyzed 176 events. In February 2026, Cyber Crime continued to lead the Motivations chart with 62%.

• Mega Breaches in 2026
  

  Here’s a collection of the main mega breaches (that is data breaches with more than one million records compromised and possibly leaked) during 2026. The information is derived from the cyber attacks timelines that I published, normally, on a bi-weekly basis.