One read. You are up to speed.
The full update covers emerging threats, ransomware, critical vulnerabilities, and regulatory changes, along with concrete actions for Q2 2026.
Topics covered in this whitepaper
✽ 01 - EMERGING THREATS
Identity is the new perimeter
82 percent of detections in 2025 were malware-free. Attackers are logging in, not breaking in. The AZ Monica hospital attack in January showed exactly what that looks like in practice: 70 surgeries cancelled, critical patients evacuated, and 1,200 staff temporarily unpaid.
✽ 02 - RANSOMWARE LANDSCAPE
7,655 victims in 12 months, and now there is a cartel
CipherCue tracked 7,655 ransomware claims across 12 months from 129 active groups across 141 countries, roughly 20 per day. LockBit, Qilin, and DragonForce now share infrastructure, data, and playbooks. Refuse to pay one group, and your data passes to a partner for secondary extortion.
✽ 03 - CRITICAL VULNERABILITIES
A brutal quarter for network edge devices
CCB: PATCH IMMEDIATELY - F5 BIG-IP APM (CVE-2025-53521) was reclassified from DoS to RCE on 27 March. Chinese nation-state exploitation confirmed, linked to the October 2025 F5 source code breach. In-memory webshells evade disk integrity checks.
Microsoft patched 250 CVEs and nine actively exploited zero-days across Q1. Fortinet, Ivanti, Citrix, BeyondTrust, and F5 BIG-IP all featured on the CISA KEV list. The full update walks through what to patch and how to verify you have not already been compromised.
✽ 04 - VARIA & REGULATION
NIS2 deadline: 18 April 2026
Belgian essential entities must submit proof of conformity to the CCB by 18 April. Days away. Two routes are available (CyberFundamentals or ISO 27001), management bodies bear personal liability, and fines reach 10 million euros or 2 percent of global turnover. The full update also covers the EU Commission cloud breach, the Tycoon 2FA takedown, and the Cyber Resilience Act timeline.
One read. You are up to speed.
The full update covers emerging threats, ransomware, critical vulnerabilities, and regulatory changes, along with concrete actions for Q2 2026.