SECURITY Affairs newsletter Round 574 by Pierluigi Paganini – INTERNATIONAL EDITION arrives with a slate of notable security stories for the week, dated 26 April 2026. The edition gathers items from across cyber security, including the report that U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog.
It also highlights warnings that over 400,000 sites are at risk as hackers exploit the Breeze Cache plugin flaw (CVE-2026-3844) and news of a persistent FIRESTARTER backdoor on a Cisco ASA device in a federal network. Other items cover a 12-year-old Pack2TheRoot bug that lets Linux users gain root privileges, a Signal phishing campaign targeting Germany’s Bundestag President Julia Klöckner, and a Checkmarx supply chain attack impacting Bitwarden’s npm distribution path.
The round also notes China-linked threat actors using consumer device botnets to evade detection, Rituals disclosing a data breach affecting member details, an iOS flaw that allowed deleted notifications to linger, and coverage of RAMP’s ransomware marketplace as well as additional CISA and Defender-related flaws. according to U.S. CISA.