The Lyceum: Cybersecurity Daily — Mar 22, 2026
Sunday, March 22, 2026
The Big Picture
It's a Sunday, and the threat board doesn't care. Public exploit code for a Windows Notepad vulnerability just went live on GitHub, turning the world's most boring text editor into a phishing weapon. WorldLeaks — Hunters International's fresh rebrand — posted 159.9 GB of City of Los Angeles data and disrupted transit systems. OpenClaw, the AI agent framework that rocketed past React on GitHub's star charts, is seeing CVEs accumulate rapidly. And Microsoft shipped an emergency fix after a security update caused failures in some of its apps. The theme today isn't one big event — it's the sheer number of things going wrong simultaneously across completely different surfaces.
What Just Shipped
- KB5085516 — Emergency Windows 11 Fix (Microsoft): Out-of-band optional patch resolving sign-in and connectivity failures caused by the March security update KB5079473.
- CVE-2026-20841 PoC Exploit Code (tangent65536): Public proof-of-concept for Windows Notepad Markdown RCE, now live on GitHub.
- OpenClaw 2026.2.25 (OpenClaw): Patches five CVEs including privilege escalation (CVE-2026-32042) and allowlist bypass (CVE-2026-32056).
- Exploit-DB #52485 — mailcow Host Header Injection: Public exploit for password reset poisoning in mailcow 2025-01a self-hosted email.
- Exploit-DB #52481 — motionEye RCE: Unauthenticated remote code execution on the popular open-source camera management platform, version 0.43.1b4.
- Exploit-DB #52486 — WordPress Backup Migration RCE: Unauthenticated command execution exploit for WordPress Backup Migration plugin 1.3.7.
Today's Stories
Windows Notepad Just Became a Phishing Attachment — Public Exploit Code Is Now Live
Nobody thinks of a Notepad file as dangerous. That instinct is exactly what makes this work.
When Microsoft added Markdown rendering to Notepad in 2025, it opened an attack surface researchers found almost immediately. CVE-2026-20841 — CVSS 8.8, patched in February's Patch Tuesday — lets an attacker embed a malicious link inside a .md file that, when clicked in Notepad, launches unverified protocols to load and execute remote code with the user's full permissions. The delivery is trivial: email someone a Markdown file, ask them to review your notes, wait. Per Help Net Security, the fact that Markdown files have no historical association with malware makes users far less cautious about opening them.
The new development today: multiple public proof-of-concept repos went live on GitHub and the story had 800+ points on Hacker News as of publication. That means the gap between "patched" and "weaponized by someone skimming GitHub" just collapsed. Notepad updates through the Microsoft Store automatically — if automatic updates aren't disabled. The patched build is 11.2510 or later. Per SOC Prime, enterprises that don't enforce Store app version compliance are the ones exposed.
If working exploit code shows up in commercial phishing kits this week — and timelines suggest days, not weeks — .md files will need the same email gateway treatment as Office macros: block or sandbox by default. Check your Notepad version now. Open it, go to Settings, confirm 11.2510 or higher.
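An added example of the gateway treatment suggested above, not code from the newsletter, Help Net Security or SOC Prime: a Python triage rule that sandboxes every Markdown attachment by default and blocks those whose links use a URI scheme outside a small allowlist (the page says the malicious link launches unverified protocols; plain web and mailto links are what a notes file legitimately needs). The attachment samples and the `custom-handler:` scheme are constructed placeholders, and the allowlist is an assumption to tune per organization.

```python
"""Gateway triage for Markdown attachments (added example, not the newsletter's code)."""
import re
from urllib.parse import urlsplit

# Inline links [text](dest) and reference definitions [id]: dest
INLINE_LINK_RE = re.compile(r"\[[^\]]*\]\(\s*<?([^\s)>]+)")
REF_DEF_RE = re.compile(r"^\s{0,3}\[[^\]]+\]:\s*<?([^\s>]+)", re.MULTILINE)

# Schemes a note-taking file legitimately needs; "" is a relative link (assumed allowlist).
ALLOWED_SCHEMES = {"http", "https", "mailto", ""}
MARKDOWN_SUFFIXES = (".md", ".markdown")


def link_targets(markdown):
    """Every link destination found in the Markdown text, in document order."""
    return INLINE_LINK_RE.findall(markdown) + REF_DEF_RE.findall(markdown)


def suspicious_links(markdown):
    """Link destinations whose URI scheme is outside the allowlist."""
    return [t for t in link_targets(markdown)
            if urlsplit(t).scheme.lower() not in ALLOWED_SCHEMES]


def gateway_action(filename, content):
    """'deliver' for non-Markdown files; Markdown is sandboxed by default and
    blocked outright when it carries a link to a non-web URI scheme."""
    if not filename.lower().endswith(MARKDOWN_SUFFIXES):
        return "deliver"
    return "block" if suspicious_links(content) else "sandbox"


def triage(attachments):
    """Map each (filename, content) pair to the gateway action for it."""
    return {name: gateway_action(name, body) for name, body in attachments}


# Constructed sample attachments; custom-handler: is a placeholder scheme, not a real handler.
SAMPLE_ATTACHMENTS = [
    ("meeting-notes.md",
     "# Notes\nSee [the spec](https://example.com/spec), [mail me](mailto:a@example.com)\n"
     "and [the appendix](docs/appendix.md)."),
    ("review-me.md",
     "Please review: [open the report](custom-handler:open?doc=report)\n"
     "[ref]: https://example.com/ok"),
    ("todo.txt", "[looks like a link](custom-handler:open) but .txt is not rendered as Markdown"),
]

if __name__ == "__main__":
    for name, action in triage(SAMPLE_ATTACHMENTS).items():
        print(f"{action:8} {name}")
```

The rule keys on the file extension because that is what decides whether Notepad renders the file as Markdown; renaming the same content to .txt changes the verdict, which is why the sandbox step, not the scheme check alone, carries the default.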
WorldLeaks Ransomware Breaches City of Los Angeles, Disrupts Metro and Bay Area Cities
When ransomware hits a city's transit system, the damage isn't abstract — people miss buses, emergency systems slow, and responders work around IT outages instead of focusing on actual emergencies.
WorldLeaks — the group that rebranded from Hunters International earlier this year — posted 159.9 GB of stolen City of Los Angeles data over the weekend and is reported to have disrupted LA Metro systems, forcing staff onto backup workflows. The rebrand wasn't cosmetic: WorldLeaks positions itself as a "leak-first" operation, publishing stolen data publicly as leverage rather than waiting on ransom negotiations. That compresses the breach window and raises pressure on victims before they've even finished scoping the damage.
A 159.9 GB exfiltration from a city government is a serious haul — typically employee records, contracts, internal communications, and potentially law enforcement data. If WorldLeaks publishes a second dump within 72 hours, that would be consistent with negotiations collapsing and could lead to a broader disclosure scope. Anyone working with LA city systems should assume internal contact information and credentials from affected systems are now in threat actor hands, and watch for follow-on spearphishing targeting city employees and vendors.
OpenClaw Is Becoming a CVE Vending Machine — And Everyone Has It Installed
OpenClaw — the AI agent framework that surpassed React as GitHub's most-starred project in just three months — accumulated five new CVEs in the past 48 hours, and the picture they paint is ugly.
CVE-2026-32042 (CVSS 8.8) lets attackers with shared gateway access present a self-signed device identity and obtain admin-level operator scopes without approval. Per RedPacket Security, it affects versions 2026.2.22 through 2026.2.24. CVE-2026-32056 (CVSS 7.5) lets remote attackers bypass command allowlist protections entirely by injecting malicious shell startup files through unsanitized environment variables. Per Dark Reading, out of 10,700 skills on ClawHub (OpenClaw's plugin marketplace), researchers at Koi Security found more than 820 were malicious — up from 324 just weeks earlier. And the default configuration binds to 0.0.0.0:18789 — meaning it listens on all network interfaces, including the public internet, with system-wide permissions. Per CyberDesserts, the default should be 127.0.0.1. It is not.
What makes this different from a typical CVE disclosure is the adoption curve. OpenClaw went from zero to ubiquitous in three months, meaning the installed base is enormous and security practices around it are immature. If scanners add OpenClaw-specific checks within 24–72 hours, internet-facing instances running pre-2026.2.25 versions would be at high risk. Patch now, audit every ClawHub skill you've installed, and change the bind address.
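As an added example, not code from OpenClaw or CyberDesserts, here is a Python audit that parses `ss -ltn` output and reports any listener on 18789/tcp bound to something other than loopback, which is the check behind "change the bind address". The sample output is constructed; the port number is the one named in the item above, and the script assumes a Linux host with `ss` available when run directly.

```python
"""Audit which addresses a service port listens on (added example, not OpenClaw's code)."""
import subprocess

LOOPBACK = {"127.0.0.1", "[::1]", "::1"}
OPENCLAW_PORT = 18789  # default port named in the newsletter item


def parse_listeners(ss_output):
    """Parse `ss -ltn` text into (local_address, port) tuples for LISTEN sockets."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header line or non-listening entry
        addr, _, port = fields[3].rpartition(":")  # rpartition keeps [::] intact
        listeners.append((addr, int(port)))
    return listeners


def exposed_listeners(ss_output, port):
    """Addresses other than loopback on which `port` accepts connections
    (0.0.0.0 and [::] mean every interface, including public ones)."""
    return [addr for addr, p in parse_listeners(ss_output)
            if p == port and addr not in LOOPBACK]


def audit_bind(ss_output, port=OPENCLAW_PORT):
    """Summarize the exposure of one port; ok is True only when nothing is exposed."""
    exposed = exposed_listeners(ss_output, port)
    return {"port": port, "exposed": exposed, "ok": not exposed}


# Constructed `ss -ltn` output containing the wildcard bind the newsletter warns about.
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port  Process
LISTEN  0       4096    127.0.0.1:631       0.0.0.0:*
LISTEN  0       128     0.0.0.0:18789       0.0.0.0:*
LISTEN  0       128     [::]:22             [::]:*
LISTEN  0       128     [::1]:18789         [::]:*
"""

if __name__ == "__main__":
    live = subprocess.run(["ss", "-ltn"], capture_output=True, text=True, check=True).stdout
    print(audit_bind(live))
```

A listener on a specific LAN address is reported too, since only loopback keeps the gateway off the network; a host firewall in front of 0.0.0.0 is a second layer, not a substitute for the bind change.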
Microsoft Rushes Out Emergency Fix for Buggy Windows Update
Microsoft shipped an out-of-band patch today to fix problems caused by its own March 2026 security update. The original update, KB5079473, was breaking internet connectivity for some Windows 11 users — preventing sign-ins to Teams, Office, OneDrive, and Outlook even with a stable connection.
The emergency fix, KB5085516, is currently optional, meaning it won't install automatically. Microsoft recommends it only for users experiencing these specific sign-in failures. The issue appears to stem from how the March update interacted with Microsoft account authentication, creating errors that looked like network problems but weren't.
This matters beyond the immediate inconvenience. Security updates that break core productivity tools create a perverse incentive: users and admins who got burned will delay future patches, widening the window for exploitation of the vulnerabilities those patches are meant to fix. If you see additional emergency patches or rollback notices from Microsoft in the coming days, treat that as an operational risk signal for your entire patching pipeline — not just this one update.
⚡ What Most People Missed
- Your security cameras might be the vulnerability. A fresh Exploit-DB entry (ID 52481) drops unauthenticated RCE on motionEye 0.43.1b4, the open-source camera management platform. motionEye typically runs on Raspberry Pis on flat home or branch networks — making it an ideal pivot point for lateral movement. If you run it, update now.
- Self-hosted mail servers have a password reset problem. A Host Header Injection exploit for mailcow 2025-01a landed on Exploit-DB today. An attacker manipulates the HTTP Host header to redirect password reset tokens to an attacker-controlled domain. The victim clicks what looks like a legitimate reset email from their own system. Single-source disclosure, no CVSS yet — but the attack class is well understood and high impact.
- macOS 26 is silently breaking encrypted DNS. A GitHub gist and community analysis detail three DNS regressions: encrypted DNS profile installation fails, custom TLD resolution via /etc/resolver/ is broken, and VPN DNS configurations silently fall back to plaintext on port 53. Users who believe they have encrypted DNS through their VPN may be leaking queries in cleartext with no warning. No Apple acknowledgment yet, but multiple independent reports confirm the behavior as of publication.
- AI training poisoning scales with AI. Bruce Schneier's February demonstration that a single fake article took 20 minutes to publish and under 24 hours to be repeated by leading chatbots is pulling 1,188 upvotes on r/hacking as of publication. The conversation that's gaining traction: using one LLM to generate poisoning content across hundreds of domains makes the attack automatic and rate-limit-proof. The threat model is no longer a person spending 20 minutes — it's a script spending 20 seconds across 500 domains.
- LAPSUS$ claims AstraZeneca data. Forum posts claim the group is selling ~3 GB of AstraZeneca internal data including source code, cloud configs, and credentials. Leak samples are being posted. Unconfirmed by AstraZeneca as of this writing — treat as unverified but potentially credible.
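For the mailcow item above, an added example that is not mailcow's code or the Exploit-DB entry: the password-reset pattern that trusts the client-supplied Host header, beside the hardened form that builds the link from a configured base URL and rejects unexpected Host values. `CANONICAL_BASE_URL`, `ALLOWED_HOSTS`, the `Request` stand-in and the `attacker.invalid` hostname are placeholders constructed for the example, not mailcow settings.

```python
"""Password-reset link construction: Host-trusting vs configured base (added example)."""
import secrets
from urllib.parse import urlencode, urlsplit

# Assumed deployment configuration (placeholder names, not mailcow's own settings).
CANONICAL_BASE_URL = "https://mail.example.com"
ALLOWED_HOSTS = {"mail.example.com"}


class Request:
    """Minimal stand-in for a framework request; only the headers matter here."""

    def __init__(self, headers):
        self.headers = {k.lower(): v for k, v in headers.items()}


def reset_link_vulnerable(request, token):
    """Builds the link from whatever Host the client sent, so the token is mailed
    out pointing at a domain the application never chose."""
    return f"https://{request.headers['host']}/reset?" + urlencode({"token": token})


def reset_link_hardened(request, token):
    """Rejects requests whose Host is not an expected name, and never uses the
    header to build the URL: the base comes from configuration."""
    host = request.headers.get("host", "").rsplit(":", 1)[0].lower()  # strip :port
    if host not in ALLOWED_HOSTS:
        raise ValueError(f"unexpected Host header: {host!r}")
    return f"{CANONICAL_BASE_URL}/reset?" + urlencode({"token": token})


def reset_link_host(link):
    """Hostname the emailed link would send the token to."""
    return urlsplit(link).hostname


def new_token():
    """Unguessable single-use token; the link builder, not the token, is the weak spot."""
    return secrets.token_urlsafe(32)


if __name__ == "__main__":
    token = new_token()
    spoofed = Request({"Host": "attacker.invalid"})  # constructed, reserved TLD
    print("vulnerable ->", reset_link_host(reset_link_vulnerable(spoofed, token)))
    try:
        reset_link_hardened(spoofed, token)
    except ValueError as err:
        print("hardened   ->", err)
```

The same trust problem applies to X-Forwarded-Host when a reverse proxy sits in front of the application, so the proxy, not the application, should be the only thing allowed to set it.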
From the Foreign Press
CERT-UA: APT28 Exploiting CVE-2026-21509 Against Ukraine and EU Countries
CERT-UA Advisory #19542 warns that UAC-0001 — the designation for APT28 (Fancy Bear), Russia's GRU-linked cyber unit — is conducting active cyberattacks against Ukrainian and EU targets using an exploit for CVE-2026-21509. The advisory details the campaign's targeting of government and defense-sector organizations across multiple EU member states, using the vulnerability as an initial access vector. For defenders in NATO-adjacent or EU government networks, this is actionable intelligence: hunt for indicators tied to CVE-2026-21509 exploitation and ensure patches are applied.
Source: CERT-UA Advisory #19542 — Ukrainian. No English-language coverage confirmed at time of publication.
Check Point: Iranian MOIS Actors Using IP Camera Targeting in Physical Warfare
Check Point Research published analysis on how Iranian state-linked groups are compromising IP cameras in the Middle East and using the access to support physical military operations — surveillance, target identification, and situational awareness for kinetic strikes. This bridges the gap between cyber intrusion and battlefield intelligence in a way that's increasingly difficult to dismiss as theoretical. Organizations operating IP camera infrastructure in conflict-adjacent regions should treat camera networks as intelligence targets, not just IT assets.
Source: Check Point Research — English (first publication, not yet picked up by English-language press). No English-language coverage confirmed at time of publication.
Check Point: Silver Dragon APT Targets Southeast Asia and Europe
Check Point details a campaign by "Silver Dragon," a threat actor targeting organizations across Southeast Asia and Europe. The report covers the group's TTPs including initial access vectors and post-exploitation tooling. This is a new named threat actor with cross-regional targeting — worth monitoring for defenders in ASEAN and European enterprise environments.
Source: Check Point Research — English (first publication, not yet picked up by English-language press). No English-language coverage confirmed at time of publication.
📅 What to Watch
- If .md file attachments start appearing in corporate phishing campaigns this week, it confirms CVE-2026-20841 has crossed from PoC to commodity — treat Markdown files like Office macros at your email gateway.
- If WorldLeaks publishes a second LA data dump within 72 hours, that would suggest negotiations have collapsed and could lead to expanded disclosures that include any material they had been holding back as leverage.
- If OpenClaw-specific port scans (18789/tcp) appear in honeypot or GreyNoise data, the window between CVE disclosure and mass exploitation has closed — any internet-facing instance on a pre-2026.2.25 build is already a high-priority remediation.
- If Apple publishes formal security notes linking the 26.3.1(a) background update to specific DarkSword CVEs, expect accelerated MDM enforcement of background updates to become the primary mitigation step for enterprises with managed iPhones.
- If Oracle CVE-2026-21992 proof-of-concepts drop publicly, internet-facing Identity Manager instances become trivial targets — the bug is unauthenticated and CVSS 9.8.
The Closer
A text editor that executes code, a city that lost 159.9 GB before anyone noticed, and an AI agent framework where about one in thirteen plugins is actively malicious. The security industry spent years warning that "everything is a computer now" — turns out everything is also an attack surface now, including your notes app, your prayer app, and your camera that was supposed to be the security. Stay paranoid. ⚡
If someone you know runs Notepad, OpenClaw, or a city — forward this.