剣 KENSAI
← All posts · regulations · 2026-03-27 · 12 min

CISA Warns of Active Langflow AI Exploitation, UK Sanctions Xinbi Crypto Marketplace, Ajax Amsterdam GDPR Breach, Trivy Supply Chain Attack Hits 1K+ Clouds, RSAC 2026 Deepfakes Alarm UK Parliament

CISA adds critical Langflow AI framework flaw to KEV catalog after attackers weaponised it within 20 hours of disclosure. The UK becomes the first country to sanction the $19.9 billion Xinbi crypto marketplace fuelling Southeast Asian scam centres. Ajax Amsterdam discloses a data breach affecting 300,000+ accounts with GDPR implications for sports organisations. A Trivy supply chain attack snowballs across Docker Hub, VS Code, and PyPI. AI deepfakes targeting a UK lawmaker go unanswered by Big Tech at RSAC 2026.


1. CISA Adds Langflow AI Vulnerability to KEV — Exploited Within 20 Hours

⚠️ CRITICAL THREAT — AI Development Frameworks Under Active Attack

CISA has added CVE-2026-33017 (CVSS 9.3) to its Known Exploited Vulnerabilities catalog. Attackers began exploiting the critical Langflow code injection flaw just 20 hours after the advisory was published — without any public proof-of-concept code.

On March 25, 2026, CISA issued an urgent alert adding CVE-2026-33017 to the Known Exploited Vulnerabilities (KEV) catalog. The flaw affects Langflow, a popular open-source framework for building AI agent workflows with 145,000 GitHub stars. The vulnerability allows unauthenticated remote code execution via a single crafted HTTP request due to unsandboxed flow execution.

What makes this case particularly alarming is the exploitation timeline. According to research by Endor Labs:

This is the second time CISA has warned about active Langflow exploitation — the first was CVE-2025-3248 in May 2025. The pattern demonstrates that AI development frameworks are becoming high-value targets as organisations rapidly adopt AI agent architectures.

EU AI Act and CRA Implications

The Langflow exploitation raises critical questions under both the EU AI Act and the Cyber Resilience Act (CRA):

What This Means for Your Organisation


2. UK Sanctions Xinbi Crypto Marketplace — $19.9 Billion in Illicit Transactions

⚠️ REGULATORY ACTION — First-Ever Sanctions Against Illicit Crypto Marketplace

The UK's Foreign, Commonwealth and Development Office has become the first government to sanction Xinbi, a Telegram-based Chinese-language marketplace that processed $19.9 billion in illicit transactions between 2021 and 2025, including laundering North Korean crypto heist proceeds.

On March 26, 2026, the UK government announced sanctions against Xinbi, one of the largest illicit crypto marketplaces in Southeast Asia. According to blockchain analysis firm Chainalysis, Xinbi processed over $19.9 billion in transactions facilitating unlicensed OTC trades, money laundering, and sales of stolen personal databases.

The sanctions also target #8 Park, Cambodia's largest scam compound with capacity for 20,000 trafficked workers, and Legend Innovation Co, its operator. Xinbi provided cryptocurrency-based laundering services to these scam centres, which force trafficked workers to conduct "pig butchering" and romance baiting scams.

Anti-Money Laundering and Data Protection Crossover

The Xinbi case sits at the intersection of multiple EU regulatory frameworks:

What This Means for Your Organisation


3. Ajax Amsterdam Data Breach — GDPR Compliance Gaps in Sports Organisations

🔶 DATA BREACH — 300,000+ Accounts Exposed, Season Tickets Hijackable

Dutch football club AFC Ajax disclosed that a hacker exploited vulnerabilities in its IT systems, accessing data on hundreds of people. Independent investigation by RTL journalists revealed the flaws could have enabled manipulation of 42,000 season tickets, 538 stadium bans, and access to 300,000+ fan accounts.

AFC Ajax, one of Europe's most successful football clubs, has disclosed a data breach after a hacker accessed parts of its IT systems. While Ajax stated that only "a few hundred" email addresses were viewed, RTL journalists who independently verified the vulnerabilities found the actual exposure was far more severe:

Ajax has notified the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) and police, engaged external experts, and patched the identified vulnerabilities.

GDPR Enforcement Implications

This breach is a textbook case for GDPR enforcement action:

What This Means for Your Organisation


4. Trivy Supply Chain Attack Snowballs Across Docker Hub, VS Code, PyPI

⚠️ SUPPLY CHAIN COMPROMISE — Open Source Security Tool Weaponised Against 1,000+ Environments

A supply chain attack that began with compromised Trivy GitHub Action tags has expanded across Docker Hub, VS Code extensions, and PyPI packages, infecting over 1,000 cloud environments. The attackers, tracked as TeamPCP, have teamed up with the Lapsus$ group.

Security researchers have uncovered one of the most significant open-source supply chain attacks in recent memory. The attack originated with the compromise of Trivy — Aqua Security's widely-used container vulnerability scanner — through GitHub Action tag manipulation. From there, the attackers (tracked as TeamPCP) expanded their reach:

Perhaps most concerning: LiteLLM, a popular Python interface for LLMs, was compromised through the same polluted CI/CD pipeline, potentially affecting organisations building AI applications.

Cyber Resilience Act and NIS2 Supply Chain Requirements

This attack is precisely the scenario that EU regulators anticipated:

What This Means for Your Organisation


5. RSAC 2026: AI Deepfakes Target UK Lawmaker, Big Tech Offers No Answers

AI Governance and Deepfake Regulation: A UK lawmaker targeted by AI-generated deepfake content appeared before Parliament to demand answers from Meta, Google, and X. None could adequately explain how fake political content circulated for so long — adding urgency to EU AI Act enforcement and the global debate on AI-generated disinformation.

At RSAC 2026 in San Francisco, the dominant themes this week have been AI agents and the security challenges they create. But it was events in London that provided the sharpest illustration of the regulatory gap. A UK Member of Parliament targeted by AI-generated deepfake content appeared before a parliamentary committee, with representatives from Meta, Google, and X struggling to explain why the content remained online for weeks.

Key developments from RSAC 2026 and the broader AI security landscape this week:

EU AI Act Enforcement Context

The deepfake incident crystallises several EU AI Act obligations:

What This Means for Your Organisation


Today's Regulatory Landscape Summary

Development Regulation Impact Action Required
CISA Langflow AI Exploitation EU AI Act / CRA / NIS2 AI frameworks are high-value targets Upgrade to Langflow 1.9.0, isolate AI infrastructure
UK Sanctions Xinbi ($19.9B) AMLR / MiCA / GDPR First-ever illicit crypto marketplace sanctions Screen for Xinbi wallets, review AML processes
Ajax Amsterdam Data Breach GDPR 300K+ accounts exposed via API flaws Audit APIs, implement breach detection monitoring
Trivy Supply Chain Attack CRA / NIS2 1,000+ cloud environments compromised Pin GitHub Actions to SHAs, generate SBOMs
RSAC 2026 Deepfakes / AI Agents EU AI Act / DSA AI deepfake enforcement gap exposed Prepare for AI Act August 2026 transparency rules