The April 7 CXO Daily cybersecurity briefing examines critical developments shaping enterprise cyber risk, from AI-driven threat intelligence to active zero-day exploitation and shifting government policy.

Leading today's coverage, Censys has secured $70 million in funding to expand its AI-powered cyber threat intelligence platform, signaling a growing market demand for real-time internet visibility and automated attack surface management. As threat actors accelerate attack velocity and reduce dwell time, organizations must modernize asset discovery and risk correlation to maintain resilience and meet regulatory expectations.

Meanwhile, a Fortinet crisis is intensifying, with active exploitation of two critical vulnerabilities in FortiClient EMS, including a zero-day now listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. The incident highlights urgent challenges around patch management, endpoint security governance, and privileged access controls—especially for enterprises operating in hybrid and regulated environments.

At the policy level, proposed cuts to CISA funding raise concerns about reduced federal cybersecurity support, increasing pressure on enterprises to strengthen internal threat detection, incident response, and governance frameworks.

Additional insights include:

• FBI-reported cyber fraud losses reaching $17.6 billion, driven largely by social engineering and crypto-related scams
• Continued exposure of over 14,000 F5 BIG-IP instances vulnerable to remote code execution
• Emerging risks in generative AI security, as outlined in OWASP's latest Top 10
• A newly leaked Windows "BlueHammer" zero-day enabling privilege escalation attacks

This episode provides essential intelligence for CISOs, CIOs, and risk leaders navigating evolving cyber threats, regulatory scrutiny, and operational resilience in 2026.