![Cybersecurity News | Daily Recap [09 Mar 2026]](https://www.hendryadrian.com/tweet/image/DailyRecap.png "Cybersecurity News | Daily Recap [09 Mar 2026]")
Daily Recap, Microsoft is rolling out preview builds to Beta/Dev Insiders to fix bright white flashes in File Explorer on Windows 11 and provide patches (KB5079382, KB5079385) alongside KB5070311 and PowerShell workarounds for Explorer crashes. The update also highlights a critical unauthenticated Nginx UI flaw (CVE-2026-27944, CVSS 9.8) that can expose server backups and AES-256 keys via the X-Backup-Security header, plus notes on .arpa abuse by threat actors using Cloudflare and Hurricane Electric, and PSD2-guided phishing refunds, with the latest threat research weekly roundup dated 08 Mar 2026. #Windows11 #FileExplorer #NginxUI #arpa #Cloudflare #HurricaneElectric #PSD2
Software Bugs
- Microsoft is rolling out preview builds to Beta/Dev Insiders to fix bright white flashes in File Explorer on Windows 11, delivering patches (KB5079382, KB5079385) after KB5070311 and offering PowerShell workarounds for Explorer crashes β Explorer Flashes
Vulnerabilities
- A critical unauthenticated bug in Nginx UI (CVE-2026-27944, CVSS 9.8) lets attackers download full server backups and exposes the AES-256 key/IV in the X-Backup-Security header, enabling immediate decryption and full compromise β Nginx UI
Phishing & Fraud
- Researchers warn threat actors are abusing the special-use .arpa TLDβespecially ip6.arpaβand using providers like Cloudflare and Hurricane Electric with short-lived randomized hostnames to bypass reputation checks, while an EU Advocate General says banks must immediately refund phishing victims under PSD2, recovering later only for proven intent or gross negligence β .arpa Abuse, EU Refund
Reports
- Latest collection of recent posts and analyses in the threat research weekly roundup for 08 Mar 2026 β Weekly Recap