
Weekly Threat Intelligence Briefing — March 30, 2026
Three high-urgency items dominated the threat landscape this week: a nation-state-linked RCE in F5 BIG-IP APM that was reclassified hours before its federal patch deadline, a supply-chain compromise in Aqua Security's Trivy toolchain, and Interlock Ransomware continuing to bleed sensitive data from a U.S. defense ammunition manufacturer. Here is what matters for DIB contractors and your program this week.
🔴 THREAT 1 — CVE-2025-53521: F5 BIG-IP APM Pre-Auth RCE
CVE-2025-53521 — Critical unauthenticated remote code execution in F5 BIG-IP Access Policy Manager.
•Affected: F5 BIG-IP APM in the 17.5, 17.1, 16.1 and 15.1 branches at any release below the fixed versions 17.5.1.3, 17.1.3, 16.1.6.1 and 15.1.10.8 respectively
•CVSS: 9.8 (CVSS v3.1) / 9.3 (CVSS v4) | Status: KEV-listed — actively exploited in the wild
•KEV Added: March 27, 2026 | FCEB patch deadline: March 30, 2026
When disclosed in October 2025 the flaw was classified as a DoS issue (CVSS 7.5); F5 reclassified it as pre-auth RCE in March after new evidence emerged of exploitation by a nation-state actor, the same actor tied to a 12-month intrusion into F5's own network and source code. Active scanning of the /mgmt REST API endpoint has been confirmed. Webshells have been observed operating in memory only, so file-based IOC checks may miss active compromises.
DIB implication: F5 BIG-IP sits at network perimeters across large defense contractors and federal integrators. If your BIG-IP APM has an access policy on a virtual server and is internet-exposed, assume targeted scanning is already underway. This flaw provides a direct foothold into environments where CUI may traverse.
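The first question for every BIG-IP APM in your inventory is whether its release is below the fixed version for its branch, and then whether the exposure condition above (access policy on an internet-exposed virtual server) applies. The following Python triage script is an added example, not F5 tooling or code from this briefing. It takes the fixed versions from the list above, treats branches with no listed fix as exposed, and applies the briefing's exposure logic to a hypothetical inventory. The tmsh output sample is constructed and its layout is approximated from memory; hostnames and versions are invented.

```python
"""BIG-IP APM version triage for CVE-2025-53521 (added example, not F5 tooling).

Fixed versions are those listed in the briefing. Branches with no listed fix
(e.g. 14.1, 13.1) are treated as exposed. The tmsh sample and the inventory
below are constructed; the tmsh layout is approximated from memory."""
import re

# Branch (major, minor) -> first fixed release as a 4-tuple, from the briefing.
FIXED_BY_BRANCH = {
    (17, 5): (17, 5, 1, 3),
    (17, 1): (17, 1, 3, 0),
    (16, 1): (16, 1, 6, 1),
    (15, 1): (15, 1, 10, 8),
}

VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?(?:\.(\d+))?")


def parse_version(text):
    """'17.1.2.1', '16.1.6 Build 0.0.4' or 'BIG-IP 15.1.10.7' -> 4-tuple.
    Missing trailing components are zero-filled so '17.1.3' == 17.1.3.0."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no version in {text!r}")
    return tuple(int(p) if p is not None else 0 for p in m.groups())


def version_from_tmsh(output):
    """Pull the 'Version' field from 'tmsh show sys version' output."""
    m = re.search(r"^\s*Version\s+(\S+)", output, re.MULTILINE)
    if not m:
        raise ValueError("no Version line in tmsh output")
    return m.group(1)


def assess(version_text):
    """'fixed', 'vulnerable', or 'unsupported-branch' (no listed fix)."""
    v = parse_version(version_text)
    fixed = FIXED_BY_BRANCH.get(v[:2])
    if fixed is None:
        return "unsupported-branch"
    return "fixed" if v >= fixed else "vulnerable"


def prioritise(host):
    """Apply the briefing's exposure logic to one host record.

    P1: not on a fixed release AND an access policy is attached to an
        internet-exposed virtual server -> patch or take offline today.
    P2: not on a fixed release but outside that exposure condition.
    ok: on a fixed release."""
    if assess(host["version"]) == "fixed":
        return "ok"
    if host["internet_exposed"] and host["access_policy_attached"]:
        return "P1"
    return "P2"


def triage(inventory):
    """Return (priority, hostname, version status) rows, P1 first."""
    rows = [(prioritise(h), h["name"], assess(h["version"])) for h in inventory]
    return sorted(rows)


# Constructed sample: layout approximated from memory, not captured output.
SAMPLE_TMSH = """Sys::Version
Main Package
  Product     BIG-IP
  Version     17.1.1.3
  Build       0.0.5
  Edition     Point Release 3
"""

# Constructed inventory (hypothetical hostnames and versions).
SAMPLE_INVENTORY = [
    {"name": "bigip-edge-01", "version": "17.1.1.3",
     "internet_exposed": True, "access_policy_attached": True},
    {"name": "bigip-lab-02", "version": "17.5.1.3",
     "internet_exposed": True, "access_policy_attached": True},
    {"name": "bigip-int-03", "version": "15.1.10.7",
     "internet_exposed": False, "access_policy_attached": True},
    {"name": "bigip-legacy-04", "version": "BIG-IP 14.1.5 Build 0.0.4",
     "internet_exposed": True, "access_policy_attached": True},
]

if __name__ == "__main__":
    print("tmsh reports:", version_from_tmsh(SAMPLE_TMSH))
    for prio, name, status in triage(SAMPLE_INVENTORY):
        print(f"{prio:3} {name:16} {status}")
```

Feed it the Version line from each device's tmsh output (or your CMDB export) and work the P1 rows first; an "unsupported-branch" result is a signal that the device is on a release with no fix listed, not a clean bill of health.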
⚡ THREAT 2 — Trivy Supply Chain Compromise + Interlock Ransomware vs. DIB
CVE-2026-33634 — Aqua Security Trivy embedded malicious code (TeamPCP supply chain attack, March 19, 2026).
•Affected: Organizations pulling Trivy container images from Docker Hub; LiteLLM packages on PyPI also compromised in downstream cascade
•Status: KEV-listed March 26, 2026 | Malicious Trivy images confirmed pushed to Docker Hub
Aqua Security's Trivy is a widely used open-source vulnerability scanner embedded in DevSecOps pipelines across enterprise and government environments. A compromised scanner image runs with the pipeline's own secrets, and the attackers used that position to exfiltrate keys, credentials, and database access: a direct supply chain foothold. For DIB contractors running automated container security scanning, audit immediately which registry, tag and digest your Trivy images are pulled from.
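That audit can be scripted. The following Python checker is an added example, not Aqua Security's tooling or code from this briefing: it walks CI definitions (a workflow, a Dockerfile and a requirements file, all constructed here) and flags Trivy image references that come from Docker Hub or lack a digest pin, trivy-action references not pinned to a commit SHA, and litellm requirements without an exact version and hash. The image names aquasec/trivy and ghcr.io/aquasecurity/trivy and the action aquasecurity/trivy-action are real identifiers; the flagging policy is an assumption about what a DIB pipeline should enforce, not a rule from the advisory.

```python
"""Audit CI/CD definitions for Trivy image pulls and LiteLLM package pins
(added example, not Aqua Security's or any project's tooling).

aquasec/trivy (Docker Hub), ghcr.io/aquasecurity/trivy and the GitHub Action
aquasecurity/trivy-action are real identifiers. The policy applied here
(flag Docker Hub pulls, missing digest pins, non-SHA action refs, unpinned
or unhashed litellm) is an assumption, and the sample files are constructed."""
import re

IMAGE_RE = re.compile(
    r"(?P<registry>(?:[a-z0-9.-]+(?::\d+)?/)?)"      # optional registry prefix
    r"(?P<repo>aquasec/trivy|aquasecurity/trivy)"    # Docker Hub / GHCR names
    r"(?::(?P<tag>[\w][\w.-]*))?"                    # optional tag
    r"(?:@sha256:(?P<digest>[0-9a-f]{64}))?"          # optional digest pin
    r"(?![\w-])"                                      # do not match trivy-action
)
ACTION_RE = re.compile(r"uses:\s*aquasecurity/trivy-action@(?P<ref>\S+)")
LITELLM_RE = re.compile(r"^\s*litellm\b(?P<spec>[^#]*)", re.IGNORECASE)
DOCKER_HUB_PREFIXES = ("", "docker.io/", "index.docker.io/")


def logical_lines(text):
    """Yield (first_line_no, line) with backslash continuations joined,
    so a pip --hash on a continuation line is seen with its requirement."""
    buf, start = [], None
    for no, line in enumerate(text.splitlines(), 1):
        if start is None:
            start = no
        stripped = line.rstrip()
        if stripped.endswith("\\"):
            buf.append(stripped[:-1])
            continue
        buf.append(line)
        yield start, " ".join(buf)
        buf, start = [], None
    if buf:
        yield start, " ".join(buf)


def audit(files):
    """files: {path: text}. Returns (path, line_no, kind, ref, issue) tuples."""
    findings = []

    def add(path, no, kind, ref, issue):
        findings.append((path, no, kind, ref, issue))

    for path, text in files.items():
        for no, line in logical_lines(text):
            for m in IMAGE_RE.finditer(line):
                ref = m.group(0)
                if m.group("registry") in DOCKER_HUB_PREFIXES:
                    add(path, no, "image", ref,
                        "Docker Hub source: verify the digest against a known-good release")
                if not m.group("digest"):
                    floating = m.group("tag") in (None, "latest")
                    add(path, no, "image", ref,
                        "no sha256 digest pin" + (": floating tag" if floating else ""))
            for m in ACTION_RE.finditer(line):
                if not re.fullmatch(r"[0-9a-f]{40}", m.group("ref")):
                    add(path, no, "action", m.group(0),
                        "trivy-action not pinned to a commit SHA")
            m = LITELLM_RE.match(line)
            if m:
                spec = m.group("spec")
                if "==" not in spec:
                    add(path, no, "package", line.strip(), "litellm not pinned to an exact version")
                if "--hash=" not in spec:
                    add(path, no, "package", line.strip(), "litellm has no --hash pin")
    return findings


# Constructed sample pipeline files (not from any real repository).
SAMPLE_FILES = {
    ".github/workflows/scan.yml": (
        "jobs:\n"
        "  scan:\n"
        "    steps:\n"
        "      - uses: aquasecurity/trivy-action@0.28.0\n"
        "      - run: docker run --rm aquasec/trivy:latest image myapp:1.0\n"
        "      - run: docker run --rm ghcr.io/aquasecurity/trivy:0.58.0@sha256:"
        + "a" * 64 + " fs .\n"
    ),
    "Dockerfile": "FROM docker.io/aquasec/trivy:0.58.0@sha256:" + "c" * 64 + "\n",
    "requirements.txt": (
        "litellm>=1.40\n"
        "requests==2.32.3 \\\n"
        "    --hash=sha256:" + "b" * 64 + "\n"
    ),
}

if __name__ == "__main__":
    for path, no, kind, ref, issue in audit(SAMPLE_FILES):
        print(f"{path}:{no} [{kind}] {ref} -> {issue}")
```

Point it at a checkout by reading every workflow, Dockerfile and requirements file into the dict. A digest-pinned reference from a registry you mirror and verify is the only combination that produces no finding, which is the state you want every scanning step in.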
Separately: Interlock Ransomware's breach of National Defense Corporation / AMTEC — a manufacturer of 40mm grenade ammunition and explosives for the U.S. military — continues generating new intelligence concerns. The group exfiltrated approximately 4,200 GB (nearly 3 million files) and published DoD contract details, shipment schedules, logistics data, and personnel contacts on its dark web leak site. Resecurity assesses the targeting was likely state-directed. AMTEC's parent, National Presto Industries, filed an SEC 8-K on March 6 disclosing the incident.
DIB implication: If your organization has supply chain relationships with AMTEC, NDC, or National Presto Industries subsidiaries, treat this as a secondary targeting risk. The leaked dataset contains enough contractor cross-reference data to enable spear-phishing campaigns against connected primes and subcontractors.
📌 WATCH — Langflow Code Injection (CVE-2026-33017) + AI Pipeline Risk
Langflow, a widely used open-source AI workflow platform, was exploited within 20 hours of its security advisory being published, before any public PoC code existed: attackers built working exploits directly from the advisory description. Exfiltrated data included API keys, credentials, and database access. CISA added CVE-2026-33017 to the KEV catalog on March 20, 2026.
This incident marks a measurable contraction in the advisory-to-exploit window, a trend also documented in Mandiant's M-Trends 2026, which notes attackers can now transfer access between actors in under 30 seconds. For organizations deploying AI-assisted tooling in environments that touch CUI or sensitive network segments, the risk calculus has materially shifted.
🛡️ Practitioner Takeaway
•F5 BIG-IP APM: Patch to the fixed versions (17.5.1.3 / 17.1.3 / 16.1.6.1 / 15.1.10.8) today. If patching is not immediately possible, take internet-exposed APM virtual servers offline. File-based IOC checks are insufficient: review memory forensics and inspect HTTP/S traffic to and from the device for anomalous 201 responses.
•Trivy / LiteLLM: Audit every Trivy image reference in your CI/CD pipelines for source registry, tag and digest, and audit LiteLLM package sources and pins in the same pipelines. Rotate any credentials or API keys that were reachable from environments where Trivy ran a scan.
•Interlock / DIB supply chain: Review your contractor relationships with AMTEC / NDC affiliates. Brief your security team on the LotL (PowerShell/WMI) indicators used in the AMTEC breach. CMMC AC.L2-3.1.3 (control the flow of CUI) and SI.L2-3.14.7 (identify unauthorized use of organizational systems) are directly relevant.
•Langflow / AI pipelines: If Langflow is deployed in your environment, patch immediately (GHSA-vwmf-pq79-vjvx). Conduct an access review of any API keys or credentials reachable from AI workflow environments.
F5's reclassification from DoS to pre-auth RCE — based on a nation-state intrusion into F5's own network — is a case study in why severity ratings at time of disclosure can't be your final risk posture decision. What processes does your team have for re-evaluating previously patched or deprioritized CVEs when new exploitation evidence emerges?
Craig Wood | CISM | CCA Lead Assessor
CEO, PSY Logistics Technology Partners
CMMC | Maritime Cybersecurity | vCISO | DIB
#ThreatIntelligence #Cybersecurity #InfoSec #PSYLogistics #CMMC #DIB #CVE #CISA #KEV #PatchManagement #ZeroDay #Ransomware #vCISO #GRC