In a move as inevitable as your favorite sitcom’s plot twist, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has discovered new security flaws that hackers across the globe are already sending thank-you cards for. These vulnerabilities, found in the Erlang Open Telecom Platform SSH and the ever-popular Roundcube, are now heading for stardom in CISA’s ritzy Known Exploited Vulnerabilities (KEV) catalog.

With a CVSS score of 10.0, these flaws are the cybersecurity equivalent of leaving your front door wide open with a ‘Please Rob Me’ sign. In fact, hackers are reportedly so excited that they’ve named the exploit ‘Exploit-palooza 2025,’ and are selling tickets for it faster than you can say ‘Oops, my data.’

CISA is on high alert and is advising users to patch faster than they can hit ‘ignore’ on the latest software update notification. As always, the promise of free data to malicious actors ensures these vulnerabilities will become instant classics, joining the ranks of security legends like typing ‘password’ as your password.