
April 2026 security update: Evasion‑driven attacks and high‑impact vulnerabilities

Today’s threat landscape 

Evasion tactics on the rise 

March surfaced several distinct attack trends worth flagging. A newly documented technique called Zombie ZIP lets malicious files pass through nearly every major antivirus product undetected by exploiting a parser differential: different tools interpret the same compressed archive differently, so when the security scanner opens the file it analyses harmless or meaningless data while the real payload sits unexamined elsewhere in the archive. Separately, Google's threat intelligence team highlighted that cybercriminals are increasingly targeting gaps in third-party and supplier software as a route into cloud environments rather than attacking organizations directly; the Trivy incident described in the vulnerabilities section below is a clear illustration of this approach in practice.

On the social engineering front, BlueVoyant tracked a campaign in which cybercriminals impersonated IT support staff on Microsoft Teams, first flooding targets with spam emails to create a plausible pretext, then offering to help resolve the issue over a remote-access session. Once the employee granted access, the cybercriminals installed a hidden backdoor that disguised its communications as routine internet traffic to avoid detection - financial and healthcare organizations were the primary targets. A parallel campaign used the same Teams-based social engineering approach to install a different set of attack tools, suggesting the method is being widely replicated. 

The common thread across these cases is evasion: cybercriminals are investing heavily in techniques that make malicious activity look normal. Practically, organizations should treat any unsolicited remote-support request - especially one arriving via a chat platform - as a high-risk event and verify it through a separate channel before granting access. They should also review how their email security tools parse compressed attachments (a scanner that only reads the first archive it finds, or only the last central directory, can be made to miss content), and make sure AI development tools are not run against untrusted code without appropriate safeguards.
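The following Python script is an added example, not code from the original post and not the Zombie ZIP technique itself (the post does not give its internals). It demonstrates the general class of ZIP parser differential the paragraph describes, using the simplest variant: a second, complete archive appended after a harmless one. A scanner that walks local file headers from the start sees only the decoy; an extractor that trusts the last end-of-central-directory record (Python's zipfile, most unzip tools) sees only the appended entry. The check at the end compares the two views, which is the kind of test a mail gateway or sandbox should apply to attachments. All archives and entry names are constructed here.

```python
import io
import struct
import zipfile

LOCAL_FILE_HEADER = b"PK\x03\x04"
END_OF_CENTRAL_DIR = b"PK\x05\x06"


def build_zip(name: str, data: bytes) -> bytes:
    """Build a minimal single-entry, uncompressed archive in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(name, data)
    return buf.getvalue()


def build_demo_blob() -> bytes:
    """Constructed sample: a harmless decoy archive with a second, complete
    archive appended after it. Nothing here is malicious; the second entry
    just stands in for whatever an attacker would want a scanner to miss."""
    decoy = build_zip("README.txt", b"nothing to see here")
    trailing = build_zip("payload.txt", b"this is the entry a scanner must not miss")
    return decoy + trailing


def names_seen_by_stream_parser(blob: bytes) -> list:
    """Mimic a scanner that walks local file headers from offset 0 and stops at
    the first record that is not a local file header (normally the central
    directory). With a concatenated archive it never reaches the second one."""
    names, pos = [], 0
    while blob[pos:pos + 4] == LOCAL_FILE_HEADER:
        # version(2) flags(2) method(2) time(2) date(2) crc(4) csize(4) usize(4) nlen(2) xlen(2)
        (_ver, flags, _method, _t, _d, _crc, csize, _usize, nlen, xlen) = struct.unpack(
            "<HHHHHIIIHH", blob[pos + 4:pos + 30])
        names.append(blob[pos + 30:pos + 30 + nlen].decode("utf-8", "replace"))
        if flags & 0x0008:
            break  # sizes live in a trailing data descriptor; cannot skip blindly
        pos += 30 + nlen + xlen + csize
    return names


def names_seen_by_central_directory(blob: bytes) -> list:
    """What a central-directory parser sees: it locates the *last*
    end-of-central-directory record in the file and trusts it."""
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        return zf.namelist()


def analyse_archive(blob: bytes) -> dict:
    """Flag archives where the two parsing strategies disagree, or where more
    than one end-of-central-directory record is present."""
    stream_view = names_seen_by_stream_parser(blob)
    central_view = names_seen_by_central_directory(blob)
    eocd_records = blob.count(END_OF_CENTRAL_DIR)  # heuristic: may also match stored data
    return {
        "stream_view": stream_view,
        "central_view": central_view,
        "eocd_records": eocd_records,
        "suspicious": sorted(stream_view) != sorted(central_view) or eocd_records != 1,
    }


if __name__ == "__main__":
    for label, blob in (("clean", build_zip("a.txt", b"x")), ("concatenated", build_demo_blob())):
        print(label, analyse_archive(blob))
```

The signature count is a cheap heuristic (compressed data can contain the bytes by chance); the view comparison is the reliable signal. A gateway that wants to be strict can simply reject any archive where the two views differ, since legitimate tools never produce one.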

Top 3 vulnerabilities 

Critical vulnerability in AI workflow platform allows server takeover 

The most urgent patching priority this month is CVE-2026-33017 (CVSS 9.3), a critical vulnerability in Langflow - an open-source platform widely used to build, test, and deploy AI-powered applications and automation workflows. It is an unauthenticated remote code execution flaw: anyone who can reach the application over the network, with no account or prior access, can execute commands on the server running Langflow by sending a specially crafted request. Because many organizations expose Langflow publicly to support collaborative AI development, the attack surface is broad and the bar for exploitation is very low.

Sysdig observed the first attacks in the wild just 20 hours after the vulnerability was disclosed on March 17th - before any public proof-of-concept had been published - indicating that organized threat actors were watching the advisory and weaponized it on their own. Those early campaigns focused on extracting credentials and configuration data from compromised servers.

CISA added CVE-2026-33017 to its Known Exploited Vulnerabilities (KEV) catalogue on March 25th, setting a federal remediation deadline of April 8th. Any organization running a publicly accessible Langflow instance should treat the upgrade to version 1.9.0 as an emergency change and, until it is applied, take the instance off the public internet or place it behind an authenticating proxy. Given how quickly exploitation began, instances that were exposed before patching should also be checked for signs of credential theft, and any secrets they held should be rotated.

Vulnerabilities in Citrix expose session data 

Citrix disclosed two vulnerabilities in March affecting NetScaler ADC and NetScaler Gateway, the appliances many organizations use to manage secure remote access for employees, including VPN connections and web application delivery. The first, CVE-2026-3055 (CVSS 9.3), affects appliances configured for single sign-on. In this configuration an unauthenticated attacker - someone who has never logged in - can send a crafted request that causes the appliance to leak portions of its memory, potentially exposing active session tokens or credentials that can then be used to impersonate legitimate users. The second, CVE-2026-4368 (CVSS 7.7), is a timing vulnerability in the remote access configuration that can cause one user's session information to be served to another user.

At least one of these has been added to CISA's KEV catalogue, and several independent security researchers have observed active exploitation. Citrix has released updated firmware that addresses both issues; organizations should apply it and verify their appliance configurations without delay. Note that patching alone does not invalidate session tokens that may already have been leaked from memory, so active sessions should be terminated after the update and any credentials that could have been exposed should be rotated.
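Both the Langflow and the Citrix entries above come with KEV deadlines, so the triage step a practitioner actually runs is a cross-reference of their asset inventory against the KEV feed. The Python script below is an added example, not code from the original post or from CISA. The feed excerpt is constructed in the shape of the real JSON feed (same field names); the CVE-2026-33017 dates are those given above, while the CVE-2026-3055 dates, the hostnames and the inventory are placeholders. When run with network access it pulls the live feed, otherwise it falls back to the excerpt.

```python
import json
import urllib.request
from datetime import date

KEV_URL = "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"

# Constructed excerpt in the shape of the KEV feed. CVE-2026-33017's dates are
# the ones given in the text above; the CVE-2026-3055 dates are placeholders.
KEV_SAMPLE = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [
        {"cveID": "CVE-2026-33017", "vendorProject": "Langflow", "product": "Langflow",
         "dateAdded": "2026-03-25", "dueDate": "2026-04-08",
         "requiredAction": "Apply mitigations per vendor instructions or discontinue use."},
        {"cveID": "CVE-2026-3055", "vendorProject": "Citrix",
         "product": "NetScaler ADC and NetScaler Gateway",
         "dateAdded": "2026-03-31", "dueDate": "2026-04-14",  # placeholder dates
         "requiredAction": "Apply mitigations per vendor instructions or discontinue use."},
    ],
})

# Constructed inventory: CVEs each asset is still exposed to (placeholder hostnames).
INVENTORY = {
    "langflow-dev.example.com": {"CVE-2026-33017"},
    "vpn-gw-01.example.com": {"CVE-2026-3055", "CVE-2026-4368"},
    "build-runner-7": set(),
}


def load_kev(feed_json: str) -> dict:
    """Index a KEV feed document by CVE id."""
    return {v["cveID"]: v for v in json.loads(feed_json)["vulnerabilities"]}


def fetch_kev_live(timeout: float = 10.0) -> dict:
    """Download the current feed (network access required)."""
    with urllib.request.urlopen(KEV_URL, timeout=timeout) as resp:
        return load_kev(resp.read().decode("utf-8"))


def kev_exposure(inventory: dict, kev: dict, today: date) -> list:
    """One row per (asset, CVE) pair that appears in KEV, most overdue first.
    CVEs absent from KEV still need patching but carry no CISA deadline here."""
    rows = []
    for asset, cves in inventory.items():
        for cve in sorted(cves):
            entry = kev.get(cve)
            if entry is None:
                continue
            due = date.fromisoformat(entry["dueDate"])
            days_left = (due - today).days  # negative means past CISA's deadline
            rows.append({"asset": asset, "cve": cve, "product": entry["product"],
                         "due": entry["dueDate"], "days_left": days_left,
                         "overdue": days_left < 0})
    rows.sort(key=lambda r: (r["days_left"], r["asset"]))
    return rows


if __name__ == "__main__":
    try:
        kev = fetch_kev_live()
    except OSError:
        kev = load_kev(KEV_SAMPLE)  # offline fallback to the constructed excerpt
    for row in kev_exposure(INVENTORY, kev, date.today()):
        flag = "OVERDUE" if row["overdue"] else f"{row['days_left']}d left"
        print(f"{flag:>10}  {row['asset']:<28} {row['cve']:<16} {row['product']}")
```

The federal due date is a useful forcing function even for organizations that are not bound by it: anything past it has by definition been exploited in the wild for weeks.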

Security scanner Trivy weaponized in supply chain attack

The Trivy incident is one of the most significant software supply chain attacks of the year, and serves as a warning to any organization that relies on automated build and deployment pipelines. Trivy is a widely used open-source security scanner that checks software for known vulnerabilities. It is trusted precisely because it operates within the development workflow, often running automatically whenever new code is built. 

In March, cybercriminals who had earlier stolen an administrative credential from the Aqua Security team used that access to quietly replace legitimate Trivy releases - including copies distributed through GitHub and as container images - with tampered builds containing a hidden credential-stealing component. According to Aqua Security's own advisory, any automated workflow that downloaded and ran one of these tainted versions between March 19th and 20th would have had its cloud provider credentials, server access keys, and infrastructure configuration silently copied and sent to the cybercriminals.

The incident highlights a risk that is easy to overlook in organizations that have invested heavily in automation: the security tools themselves become an attack vector if the supply chain around them is compromised. Any organization that ran automated pipelines during the exposure window should assume its infrastructure credentials may have been stolen and rotate them as a precaution. Safe versions are trivy 0.69.3, trivy-action 0.35.0, and setup-trivy 0.2.6. Because the tampered builds were published under existing, trusted version names, upgrading is not enough on its own: pipelines should reference actions and images by immutable identifiers (a full commit SHA or an image digest) rather than by tag, and should verify downloaded binaries against checksums obtained out of band.
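Added example, not from Aqua Security or the original post: a small Python audit of the pinning practice just described. It scans a GitHub Actions workflow for `uses:` references that are not pinned to a full commit SHA and for container images without a digest, and additionally flags trivy-action and setup-trivy tags that are not one of the versions listed above as safe. The workflow is constructed for illustration; the 40-character value in it is a placeholder, not a real commit, and `aquasec/trivy` is simply Trivy's Docker Hub image name.

```python
import re

# Constructed workflow for illustration; the 40-hex value is a placeholder,
# not a real trivy-action commit. aquasec/trivy is Trivy's Docker Hub image.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    container:
      image: aquasec/trivy:latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/trivy-action@master
      - uses: aquasecurity/setup-trivy@0.2.6
      - uses: aquasecurity/trivy-action@aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa # 0.35.0
      - uses: ./.github/actions/local-step
      - run: trivy image --exit-code 1 myapp:latest
"""

USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
IMAGE_RE = re.compile(r"^\s*image:\s*([^\s#]+)")
SHA_RE = re.compile(r"[0-9a-f]{40}")

# Versions the advisory (as summarized above) lists as clean.
KNOWN_CLEAN = {
    "aquasecurity/trivy-action": {"0.35.0"},
    "aquasecurity/setup-trivy": {"0.2.6"},
}


def audit_workflow(text: str) -> list:
    """Return findings for mutable action/image references, one dict per line."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if m := IMAGE_RE.match(line):
            image = m.group(1)
            if "@sha256:" not in image:
                findings.append({"line": lineno, "ref": image,
                                 "reason": "image pinned by tag; pin by digest (name@sha256:...)"})
            continue
        m = USES_RE.match(line)
        if not m:
            continue
        ref = m.group(1)
        if ref.startswith("./") or ref.startswith("docker://"):
            continue  # local composite actions and docker:// refs are out of scope here
        action, _, version = ref.partition("@")
        if SHA_RE.fullmatch(version):
            continue  # immutable: re-pointing a tag or branch cannot change it
        reason = "mutable reference (tag or branch); pin to a full commit SHA"
        if action in KNOWN_CLEAN and version.lstrip("v") not in KNOWN_CLEAN[action]:
            reason += f"; {version or '(no ref)'} is not a version listed as clean"
        findings.append({"line": lineno, "ref": ref, "reason": reason})
    return findings


if __name__ == "__main__":
    for f in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {f['line']:>3}: {f['ref']}\n           {f['reason']}")
```

A SHA pin is only as good as the review that chose it, so the usual practice is to keep the human-readable version in a trailing comment (as on the pinned line above) and let a dependency bot propose bumps; the comment is informational and this audit deliberately ignores it.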

Industry news 

A rapidly escalating threat landscape meets growing enforcement and regulatory pressure 

Three major annual threat intelligence reports published in early 2026 paint a picture of a threat landscape accelerating beyond many defenders' ability to keep up. VulnCheck's 2026 Exploit Intelligence Report found that over 14,000 working exploits were developed for more than 10,000 distinct vulnerabilities in 2025, a 16.5% year-over-year increase. IBM's X-Force Threat Intelligence Index recorded a 44% rise in attacks targeting internet-facing business applications and found that exploiting software vulnerabilities had become the single most common initial access vector, accounting for 4 in 10 incidents. Flashpoint's 2026 Global Threat Intelligence Report documented criminal use of AI tools surging 1,500% in the final weeks of the year.

The good news is that a significant law enforcement success closed out last month. On March 11th, Europol coordinated Operation Lightning with authorities from Austria, Bulgaria, France, Germany, Hungary, the Netherlands, Romania, and the United States to dismantle SocksEscort, a long-running criminal proxy service that rented out anonymized internet connections to other criminals. Since 2020 the operation had quietly hijacked devices and connections in 163 countries to build a pool of hard-to-trace routes available for hire. Clients used these connections to conceal the origin of ransomware attacks, disruptive campaigns, and distribution of illegal content. Authorities seized 34 web domains and 23 servers across seven countries and froze the equivalent of USD 3.5 million in cryptocurrency. The operation reflects both the scale of the infrastructure-for-hire ecosystem underpinning much of organized cybercrime and the level of sustained multinational cooperation now required to disrupt it.

On the regulatory front, a survey of security leaders across UK critical infrastructure sectors found that 35% now identify regulation as their primary driver for cyber security investment - up from 26% the year before - as the UK Cyber Security Resilience Bill and a 2028 national compliance deadline approach. Separately, the Swedish Security Service published its annual threat assessment - the first covering a full year of Sweden’s NATO membership - identifying Russia, China, and Iran as the primary state-level threats. The assessment describes a pattern of persistent attacks against both public institutions and private companies, efforts to acquire Swedish technology and expertise through illegal channels, and growing concern about insider threats as the country’s defense sector expands rapidly. 

Together, these developments highlight a year in which threats expanded in scale and sophistication, while both governments and law enforcement ramped up the pressure needed to counter them. The gap between attacker innovation and defender readiness is widening - but so too is the resolve to close it.