← Back to blog
Security Briefing5 min readApril 8, 2026

Security Briefing, April 8 2026: Flowise Exploitation, Docker Host Access, APT28 DNS Hijacks, Iran PLC Attacks, and Snowflake Spillover

This morning's pattern is brutally consistent. Attackers are not winning because defenders lack dashboards, they are winning because too many management surfaces are still reachable, too many trust boundaries are imaginary, and too many teams patch the headline while leaving the control plane exposed.

Executive summary

The sharpest signal today is that modern attack paths are converging. Flowise is being exploited in the wild, Docker authorization controls can still be bypassed under the wrong assumptions, state actors are hijacking DNS from cheap edge devices, Iran-linked operators are touching operational technology, and Snowflake customers are getting dragged into a third-party token mess. Add the FBI's new $21 billion cybercrime loss figure and the message is simple: reachable admin surfaces are still the easiest money in security.

1. Flowise moved from critical bug to active exploitation

VulnCheck says attackers have started exploiting CVE-2025-59528, a maximum-severity flaw in Flowise's CustomMCP node that can lead to arbitrary JavaScript execution and system access. Public reporting says 12,000 to 15,000 Flowise instances are exposed online. If your team left Flowise internet-facing and unpatched, treat it like an incident, not a routine update.

2. Docker's CVE-2026-34040 punches through weak authorization assumptions

Docker's incomplete fix for an older authorization-plugin bug means a specially crafted oversized API request can skip body inspection and still create a privileged container with host file system access. That is nasty because many teams act like AuthZ plugins are the final safety rail. They are not. If Docker is part of your AI or CI control plane, patch to 29.3.1 and stop trusting policy layers you have not actually pressure-tested.

3. APT28 turned small routers into a global credential interception layer

Microsoft, Black Lotus Labs, and UK authorities tied APT28 to router compromises that changed DNS settings on SOHO devices and enabled adversary-in-the-middle collection against web and email traffic. The campaign reportedly peaked at more than 18,000 IPs across 120 countries. That is the ugly reminder that branch-office and home-office edge gear is still a soft underbelly for enterprise identity.

4. Iran-linked operators are now a direct OT disruption problem

U.S. agencies warned that Iranian-affiliated actors have been targeting internet-facing PLCs, especially Rockwell and Allen-Bradley devices, with some Siemens exposure also in scope. Victims in municipal, water, wastewater, and energy environments have already seen operational disruption and financial loss. If a PLC or HMI is still hanging off the public internet, that is not digital transformation, it is operational malpractice.

5. Snowflake customers got hit through the supply chain again

BleepingComputer reports that a breach at an alleged SaaS integration provider enabled token theft and downstream data theft against multiple companies, with Snowflake customers taking most of the pain and Salesforce attempts also observed. The lesson is not subtle: analytics partners, anomaly-detection vendors, and token-based integrations are part of your attack surface whether procurement likes that sentence or not.

What defenders should do before lunch

Patch or isolate Flowise and Docker immediately, review exposed MCP and AI-builder services, lock down router management and DNS changes, remove OT control systems from direct internet exposure, and rotate third-party integration tokens while reviewing Snowflake and Salesforce audit trails. Today is a good day to kill weak assumptions before attackers monetize them for you.

KENSAI take: The pattern is brutally consistent: attackers keep winning where teams expose admin surfaces, overtrust plugins, and let third-party tokens live too long. Security posture is still being decided by defaults, not design.
Primary sources

Turn today's signal into action.

KENSAI helps security teams validate exposed surfaces, pressure-test controls, and find the trust gaps attackers monetize first.

Start Your Free Scan →