Apr 02, 2026 • Didier Stevens
Overview of Content Published in March
Executive Summary
This article serves as a monthly roundup of security tool updates and research publications released in March. It primarily details version updates for various analysis utilities such as oledump.py, pdf-parser.py, and base64dump.py, which are commonly used for malware analysis and document inspection. Additionally, the post references SANS ISC Diary entries covering Wireshark releases and techniques for analyzing ZIP files embedded within RTF documents. A specific vulnerability, CVE-2026-0866, is noted in the context of Zombie Zip files. No specific threat actors or active malware campaigns are identified within this text. The content is informational, aimed at security analysts maintaining their toolsets rather than reporting on immediate cyber threats. Consequently, the severity is low, as the post functions as a repository index rather than an alert on active exploitation or compromise. Analysts should utilize these updated tools to enhance detection capabilities against potential future exploits.
Summary
Here is an overview of content I published in March:

Blog posts:
- Update: base64dump.py Version 0.0.29
- Update: emldump.py Version 0.0.16
- Update: search-for-compression.py 0.0.6
- Update: pecheck.py Version 0.7.20
- Update: zipdump.py Version 0.0.34
- Update: pdf-parser.py Version 0.7.14
- Update: oledump.py Version 0.0.84
- Update: oledump.py Version 0.0.85

SANS ISC Diary entries:
- Wireshark 4.6.4 Released
- Quick Howto: ZIP Files Inside RTF
- YARA-X 1.14.0 Release
- Analyzing “Zombie Zip” Files (CVE-2026-0866)
Linked Entities
- CVE-2026-0866