The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Langflow and Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities in question are listed below – CVE-2025-34291 (CVSS score: 9.4) – An origin validation errorRead More »CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV

Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data. Tracked as CVE-2026-20223 (CVSS score: 10.0), the vulnerability arises from insufficient validation and authentication when accessing REST API endpoints. “An attacker could exploit this vulnerability ifRead More »Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed denial-of-service (DDoS) attacks over the past six months. KrebsOnSecurity publicly named the suspect in February 2026Read More »Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada

It’s likely that cybercriminals will increase scam activity leading up to and during this event. 

Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting a telecommunications provider in the Middle East since at least mid-2022. “Showboat is a modular post-exploitation framework designed for Linux systems, capable of spawning a remote shell, transferringRead More »Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor

The overarching theme of this year’s report is “keeping a strong foundation in the face of change.”