March IT news and research roundup

Microsoft researchers report phishing campaigns using weaponized PDFs, and conferencing tools signed with an Extended Validation certificate from remote monitoring company, Trust Connect. This leads victims to download the legitimate software, alongside a Remote Access Trojan (RAT) and unvetted remote management tools.

Outrageously, Trust Connect even charged USD300 for their RMM. This shows that scammers are going to incredible lengths to now gain access to your data–and remote monitoring software is another new frontier.  

^{Read more: Microsoft warns of new signed malware which deploys remote monitoring tools as backdoors | TechRadar ↗}

Endpoint management tools are under fresh scrutiny as CISA urges organizations to harden their systems following the March cyberattack on medical technology firm Stryker.

CISA said it has seen malicious activity targeting endpoint management systems after the incident and recommends tighter admin roles, stronger configurations, and stricter access controls. Reporting says Microsoft Intune was allegedly used in the attack—but the broader lesson goes beyond one platform.  

^{Read more: CISA urges endpoint management system hardening after cyberattack against U.S. organization ↗}

Meta is acquiring Moltbook, the Reddit-like social network for AI agents (first mentioned in our last roundup), to join its Superintelligence Labs. Weird premise, but also another sign that agent-to-agent workflows are moving from novelty to a strategic bet for major platforms.

^{Read more: Meta acquires Moltbook, the Reddit-like network for AI agents | The Verge ↗}

Recent research reports that cybercriminals are "vibe-hacking" campaigns with generative AI, using it to generate lures, customize payloads, and scale basic attacks quickly. And while they might not look pretty, they work.

At this volume and speed, you don’t need to be elegant to cause serious damage. For lean IT teams, that makes robust controls and rapid remediation more important than the fantasy of perfect prevention.

^{Read more: Hackers are turning to easy, fast AI solutions to roll out attacks - so how can your business stay safe? | TechRadar ↗}

Lastly, a curious story from The Guardian: Melbourne-based startup Cortical Labs has created “the world’s first code-deployable biological computer” run on 200,000 human brain cells, and it’s now happily playing the computer game Doom.

Sounds gimmicky, and perhaps it is a bit, but code-deployable biological computing holds the promise of very real value in biomedical research and drug testing.  

^{Read more: A petri dish of human brain cells is currently playing Doom. Should we be worried? ↗}