Qualys

A critical remote code execution vulnerability has been identified in n8n, the popular open-source workflow automation tool. Tracked as CVE-2026-33660 with a CVSS score of 9.4, this flaw allows authenticated attackers to bypass sandboxing and execute arbitrary commands on the host system. Read the technical breakdown and mitigation steps on the Qualys blog. https://lnkd.in/g7MdRfmi #Cybersecurity #n8n #VulnerabilityManagement

CISA has added a critical vulnerability in F5 BIG-IP Access Policy Manager to its Known Exploited Vulnerabilities catalog. Tracked as CVE-2025-53521, this flaw allows for remote code execution and is currently seeing active exploitation. Read the full technical analysis on the Qualys blog. https://bit.ly/4uZXBrF #Cybersecurity #CISA #VulnerabilityManagement

The future of cyber risk management is coming to London. Join us April 21–22 in London for ROCon 2026 EMEA, the premier gathering for cybersecurity leaders to move beyond the noise and focus on what matters: de-risking the business. Designed for both strategic decision-makers and technical operators, ROCon features two dedicated tracks: > Business Track – align cyber risk to business impact, quantify exposure, and operationalize risk-informed decisions > Technical Track – deep dives into threat detection, cloud security, and hands-on workshops to strengthen real-world defenses Expect two days of executive-level insights, peer exchange, and practitioner-led sessions built to help you translate security into business value. Complimentary for security professionals. Register now to secure your spot. https://bit.ly/48iBN0J #ROCon26 #CyberSecurity #RiskOps #EMEA #London

That’s a wrap on RSAC 2026. It was a great week connecting with customers, partners, and industry peers, with a steady drumbeat of conversations around cyber risk, cloud security, and the evolving role of the CISO. From executive media interviews and hands-on discussions to partner events, our team stayed focused on what matters most—helping organizations de-risk their business and better understand and reduce risk. We also introduced Agent Val, our AI-powered capability designed to validate real-world exploitability and help teams prioritize what truly matters, bringing greater precision and confidence to risk reduction. We were honored to see our innovation recognized with the SC Media Award for Best Cloud Security Solution for TotalCloud. Appreciate everyone who spent time with us. It’s always valuable to exchange ideas and perspectives during such an important week for the industry. To learn more about Agent Val visit https://bit.ly/4ssM16X

CISA has added the Langflow vulnerability to its Known Exploited Vulnerabilities Catalog following reports of active exploitation. Tracked as CVE-2026-33017, this flaw allows unauthenticated remote attackers to execute arbitrary code on target systems. The vulnerability exists in the platform's visual interface, where attacker-controlled data is passed to execution with zero sandboxing. Read the full threat research breakdown for mitigation steps and technical details. https://bit.ly/3PKbEl6 #Langflow #Cybersecurity #Qualys

For Qualys Chief Marketing Officer, May Mitchell, progress isn’t accidental. In this article for #WomensHistoryMonth, May shares her insights on building her career, raising daughters that study STEM, and why bias and barriers are still a problem for women in the digital marketing space. Don’t miss this article on leadership, legacy, and overcoming the “missing middle” where good careers quietly stall. Read the article here: https://lnkd.in/gzT63JN2 #WomensHistoryMonth #WomenInTech

The Model Context Protocol is the new universal adapter for AI agents but it is also creating a massive visibility gap across the enterprise. These MCP servers often operate as privileged execution environments that remain hidden from traditional security tools. Qualys TotalAI provides the layered discovery and capability mapping needed to bring these shadow integrations into the light. Read our latest technical deep dive to learn how to identify and assess MCP risks in your environment. Read the blog here: https://lnkd.in/gntBYsTm #AIsecurity #ShadowIT #QualysTotalAI

How CISOs measure, quantify, and communicate risk is evolving at the pace of AI. Qualys was proud to sponsor the CISO 360 Think Tank at the historic Carlton House Terrace in London for a deep dive into Cyber Risk Quantification. The closed-door discussions offered a rare space for senior practitioners to benchmark how they translate technical vulnerabilities into a strategic advantage for the Board. From fireside chats to peer-led roundtables, the focus remained on the future-facing metrics that drive real business resilience. A huge thank you to Pulse Conferences and the expert panelists for steering such a vital conversation. #CyberRisk #CISO360 #Qualys

Citrix has released a critical security advisory addressing two vulnerabilities in NetScaler ADC and NetScaler Gateway. Tracked as CVE-2026-3055 and CVE-2026-4368, these flaws allow for unauthenticated memory overread and user session mix-up- posing a significant risk to application availability and data integrity. Read the full technical breakdown here: https://bit.ly/4uKao1n #cybersecurity #vulnerabilitymanagement #threatintel

Traditional container scanning at scale creates redundant work and high infrastructure costs. Integrating Qualys QScanner with Harbor shifts point-in-time scanning to continuous SBOM-based assessment. This allows teams to identify new vulnerabilities without ever re-pulling the image. By consolidating workflows, security and development teams operate on a shared definition of risk. Read the technical breakdown to see how QScanner reduces operational overhead and scales container security. https://bit.ly/4rOUHmS #containersecurity #devsecops #cloudnative