Cyber Threat Intelligence 10 April 2026
-
Industrial Sector
- Iranian-Affiliated APT Targeting Of Rockwell/Allen-Bradley PLCs
"On April 7, 2026, the FBI, CISA, NSA, EPA, DOE, and U.S. Cyber Command jointly disclosed ongoing exploitation of internet-facing Rockwell Automation/Allen-Bradley programmable logic controllers (PLCs) by Iranian-affiliated APT actors. Censys data identifies 5,219 internet-exposed hosts globally responding to EtherNet/IP (EIP) and self-identifying as Rockwell Automation/Allen-Bradley devices — the attack surface directly relevant to AA26-097A. The United States accounts for 74.6% of global exposure (3,891 hosts), with a disproportionate share on cellular carrier ASNs indicative of field-deployed devices on cellular modems. Censys pivoting of the published IOC list reveals that CISA’s seven 185.82.73.x indicators represent a single multi-homed Windows engineering workstation running the full Rockwell toolchain, with four additional operator IPs on the same host absent from the advisory."
https://censys.com/blog/iranian-affiliated-apt-targeting-rockwell-allen-bradley-plcs/
https://cyberscoop.com/iran-attackers-industrial-ot-government-energy-water-censys/
New Tooling
- Asqav: Open-Source SDK For AI Agent Governance
"AI agents are executing consequential tasks autonomously, often across multiple systems and with little record of what they did or why. Asqav, a Python SDK released under the MIT license, addresses that gap by attaching a cryptographic signature to each agent action and linking entries into a hash chain. The signing algorithm is ML-DSA-65, standardized under FIPS 204 and designed to remain secure against quantum computing attacks. Each signature also carries an RFC 3161 timestamp. “Every agent action gets signed with a quantum-safe signature and hash-chained to the previous one,” João André Gomes Marques, author of the project, told Help Net Security. “If someone tampers with an entry or tries to omit one, the chain breaks and verification fails.”"
https://www.helpnetsecurity.com/2026/04/09/asqav-ai-agent-audit-trail/
https://github.com/jagmarques/asqav-sdk
Vulnerabilities
- Vibe Hacking: Claude Code Can Be Turned Into A Nation-State-Level Attack Tool With No Coding At All
"LayerX researchers have found how Claude Code can be turned from a ‘vibe’ coding tool into a nation-state-level offensive hacking tool that can be used to hack websites, launch cyberattacks, and research new vulnerabilities. Our research demonstrates how trivially easy it is to convince Claude Code to abandon its safety guardrails and remove its restrictions on what it is allowed to do. As part of our testing, we successfully convinced Claude Code to perform a full-scope penetration attack and credential theft against our test site. This should never have been allowed per Anthropic’s policy, but we got around it by modifying a single project file, with just a few lines of text and absolutely no coding."
https://layerxsecurity.com/blog/vibe-hacking-claude-code-can-be-turned-into-a-nation-state-level-attack-tool-with-no-coding-at-all/
https://hackread.com/claude-code-claude-md-sql-injection-attacks/ - Apple Intelligence AI Guardrails Bypassed In New Attack
"Researchers from RSAC have found a way to bypass the safety protocols of Apple’s Intelligence AI with a high success rate. Apple Intelligence is a deeply integrated personal intelligence system for iOS, iPadOS, and macOS that combines generative AI with personal context. It primarily processes tasks directly on Apple silicon via a compact on-device LLM. The AI draws on the user’s unique context (messages, photos, and schedules) to power practical features such as system-wide writing tools and Siri. For more complex reasoning, it offloads requests to larger foundation models via Private Cloud Compute (PCC) on Apple’s dedicated cloud infrastructure."
https://www.securityweek.com/apple-intelligence-ai-guardrails-bypassed-in-new-attack/
https://www.theregister.com/2026/04/09/security_researchers_tricked_apple_intelligence/ - Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities
"Palo Alto Networks and SonicWall have separately announced patches for multiple vulnerabilities across their products, including two high-severity bugs. Palo Alto Networks patched three flaws and rolled out third-party fixes for Cortex platforms, ADEM for Windows, PAN-OS, and products using a Chromium-based browser. The most severe of these security defects is CVE-2026-0234, an improper verification of a cryptographic signature issue in the Cortex XSOAR and Cortex XSIAM platforms’ integration of Microsoft Teams. Successful exploitation of the weakness allows attackers to access and tamper with protected resources, the company says."
https://www.securityweek.com/palo-alto-networks-sonicwall-patch-high-severity-vulnerabilities/ - Intent Redirection Vulnerability In Third-Party SDK Exposed Millions Of Android Wallets To Potential Risk
"During routine security research, we identified a severe intent redirection vulnerability in a widely used third-party Android SDK called EngageSDK. This flaw allows apps on the same device to bypass Android security sandbox and gain unauthorized access to private data. With over 30 million installations of third-party crypto wallet applications alone, the exposure of PII, user credentials and financial data were exposed to risk. All of the detected apps using vulnerable versions have been removed from Google Play. Following our Coordinated Vulnerability Disclosure practices (via Microsoft Security Vulnerability Research), we notified EngageLab and the Android Security Team. We collaborated with all parties to investigate and validate the issue, which was resolved as of November 3, 2025 in version 5.2.1 of the EngageSDK. This case shows how weaknesses in third‑party SDKs can have large‑scale security implications, especially in high‑value sectors like digital asset management."
https://www.microsoft.com/en-us/security/blog/2026/04/09/intent-redirection-vulnerability-third-party-sdk-android/
https://thehackernews.com/2026/04/engagelab-sdk-flaw-exposed-50m-android.html
Malware
- Critical Supply Chain Compromise In Smart Slider 3 Pro: Full Malware Analysis
"This blog post is a technical analysis of the supply chain compromise affecting Smart Slider 3 Pro version 3.5.1.35 for WordPress. An unauthorized party gained access to Nextend’s update infrastructure and distributed a fully attacker-authored build through the official update channel. Any site that updated to 3.5.1.35 between its release on april 7, 2026 and its detection approximately 6 hours later received a fully weaponized remote access toolkit. If you are running Smart Slider 3 Pro, ensure you are on at least version 3.5.1.36."
https://patchstack.com/articles/critical-supply-chain-compromise-in-smart-slider-3-pro-full-malware-analysis/
https://www.bleepingcomputer.com/news/security/smart-slider-updates-hijacked-to-push-malicious-wordpress-joomla-versions/ - Hackers Exploiting Acrobat Reader Zero-Day Flaw Since December
"Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December. The attacks have been discovered by security researcher Haifei Li (the founder of the sandbox-based exploit-detection platform EXPMON), who warned on Tuesday that the attackers are using what he described as a "highly sophisticated, fingerprinting-style PDF exploit" to target an undisclosed Adobe Reader security flaw. Li also said that these attacks have been targeting Adobe users for at least 4 months, stealing data from compromised systems using privileged util.readFileIntoStream and RSS.addFeed Acrobat APIs, and deploying additional exploits."
https://www.bleepingcomputer.com/news/security/hackers-exploiting-acrobat-reader-zero-day-flaw-since-december/
https://thehackernews.com/2026/04/adobe-reader-zero-day-exploited-via.html
https://hackread.com/adobe-reader-zero-day-exploit-data-malicious-pdfs/
https://www.securityweek.com/adobe-reader-zero-day-exploited-for-months-researcher/
https://securityaffairs.com/190558/hacking/malicious-pdf-reveals-active-adobe-reader-zero-day-in-the-wild.html
https://www.helpnetsecurity.com/2026/04/09/acrobat-reader-zero-day-exploited/
https://www.theregister.com/2026/04/09/monthsold_adobe_reader_zeroday_uses/ - From Tax Refund To Total Compromise: IRS-Themed Phishing Email Drives Full-Stack Financial Fraud
"Cofense PDC (Phishing Defense Center) and Cofense Intelligence have found an Internal Revenue Service (IRS)-spoofing email that purports to give a $5000 tax refund provided by Elon Musk. However, the link to access the purported tax refund redirects to a credential phishing page with IRS and Elon Musk branding images. Upon filling out the credential phishing form, the victim is asked to access a fake cryptocurrency market where they will be given $5000 to withdraw after verifying a photo ID and bank account information. The extensive amount of personally identifiable information (PII) stolen in this campaign allows the threat actors to pivot to social engineering attacks on the victim’s personal financial, government, and online service accounts. This Flash Alert will briefly analyze the overall impact from the campaign’s email, credential phishing sites, and threat actor’s motivations."
https://cofense.com/blog/from-tax-refund-to-total-compromise-irs-themed-phishing-email-drives-full-stack-financial-fraud - Notorious Hacker Returns With a New Mac Stealer Targeting $10K+ Crypto Wallets
"In 2023, a malware developer named 0xFFF rage-quit one of the most prominent underground hacking forums, leaving behind accusations and bad blood. In August 2024, 0xFFF came back under a new alias, alh1mik, with an apology and an offer: Let me back in, and I’ll build you a new macOS stealer. By early 2026, alh1mik’s offer had materialized into notnullOSX—the Go-written, hand-targeted stealer delivered via ClickFix and malicious DMG files. This malware was built exclusively to drain crypto holdings of above $10,000 from macOS users. Moonlock Lab telemetry recorded the first detections of notnullOSX on March 30, 2026, across 3 regions: Vietnam, Taiwan, and Spain. Here’s our breakdown of the stealer’s origin, malware functionality, distribution, and more."
https://moonlock.com/notorious-hacker-returns-notnullosx-stealer
https://hackread.com/macos-malware-notnullosx-crypto-wallets/ - STX RAT: A New RAT In 2026 With Infostealer Capabilities
"In late February 2026, eSentire's Threat Response Unit (TRU) observed an attempted delivery of a previously undocumented malware family within a customer environment in the Finance industry. TRU is tracking this threat as STX RAT, named for its consistent use of the Start of Text (STX) magic byte "\x02" prefixed to C2 messages. TRU observed attempted delivery of the malware via a browser-downloaded VBScript file; by early March 2026, Malwarebytes reported a separate initial access vector in their blog, "A fake FileZilla site hosts a malicious download", where the malware was distributed through trojanized FileZilla installers."
https://www.esentire.com/blog/stx-rat-a-new-rat-in-2026-with-infostealer-capabilities
https://www.infosecurity-magazine.com/news/stx-rat-targets-finance-sector/ - Scammers Pose As Amazon Support To Steal Your Account
"Cybercriminals using the so-called “spray and pray” tactic love to impersonate well-known brands. Especially ones with huge customer bases. Amazon reportedly has around 310 million active customers, so they certainly qualify as a brand worth impersonating. And it shows in the sheer volume of scams that use its name. Amazon account take-over (ATO) scams were numerous during the holiday season, and they haven’t gone away. The scammers have ported the “product recall due to safety concerns” text message scam over to email. The fake product recall message is one of scammers’ most popular lures, and we’ve reported on in the past."
https://www.malwarebytes.com/blog/news/2026/04/scammers-pose-as-amazon-support-to-steal-your-account - The Long Road To Your Crypto: ClipBanker And Its Marathon Infection Chain
"At the start of the year, a certain Trojan caught our eye due to its incredibly long infection chain. In most cases, it kicks off with a web search for “Proxifier”. Proxifiers are speciaized software designed to tunnel traffic for programs that do not natively support proxy servers. They are a go-to for making sure these apps are functional within secured development environments. By coincidence, Proxifier is also a name for a proprietary proxifier developed by VentoByte, which is distributed under a paid license. If you search for Proxifier (or a proxifier), one of the top results in popular search engines is a link to a GitHub repository. That’s exactly where the source of the primary infection lives."
https://securelist.com/clipbanker-malware-distributed-via-trojanized-proxifier/119341/ - In-Memory Loader Drops ScreenConnect
"In February 2026, Zscaler ThreatLabz discovered an attack chain where attackers used a fake Adobe Acrobat Reader download to lure victims into installing ConnectWise’s ScreenConnect. While ScreenConnect is a legitimate remote access tool, it can be leveraged for malicious purposes. In this blog post, ThreatLabz examines the various stages of this attack, from the download lure to the in-memory loader used to reduce on-disk artifacts that could be used for detection and analysis. Additionally, we dive into the attack chain's obfuscation methods, such as using dynamic code that resolves method and type names at runtime rather than referencing them directly in the source."
https://www.zscaler.com/blogs/security-research/memory-loader-drops-screenconnect - Cybercriminals Target Accountants To Drain Russian Firms’ Bank Accounts
"Cybercriminals have stolen millions from Russian companies by hacking accountants’ computers and disguising transfers as salary payments, according to areport released this week. Researchers at Russian cybersecurity firm F6 said the financially motivated groupHive0117 carried out a wave of attacks from February to March 2026 targeting corporate finance departments. The attackers used phishing emails to infect accountants’ computers with malware, allowing them to access remote banking systems used to manage company payments."
https://therecord.media/cybercriminals-hack-russian-accountants-to-steal-millions
Breaches/Hacks/Leaks
- Hackers Steal $3.6 Million From Crypto ATM Giant Bitcoin Depot
"Bitcoin Depot, which operates one of the largest Bitcoin ATM networks, says attackers stole $3.665 million worth of Bitcoin from its crypto wallets after breaching its systems last month. The company manages more than 25,000 Bitcoin ATMs and BDCheckout locations worldwide and reported revenue of $615 million in 2025. As revealed in a filing with the U.S. Securities and Exchange Commission, the company discovered the attack on March 23 after detecting suspicious activity on some of its IT systems."
https://www.bleepingcomputer.com/news/security/crypto-atm-giant-bitcoin-depot-says-hackers-stole-36-million-from-its-wallets/
https://therecord.media/crypto-atm-bitcoin-depot-reports-cyberattack
https://www.infosecurity-magazine.com/news/bitcoin-depot-dollar36m-crypto/
https://www.securityweek.com/3-6-million-stolen-in-bitcoin-depot-hack/ - My Lovely AI Data Breach
"In April 2026, the NSFW AI girlfriend platform My Lovely AI suffered a data breach that exposed over 100k users. The data included user-created prompts and links to the resulting AI-generated images, along with a small number of Discord and X usernames. As this breach has been flagged as sensitive, it is not publicly searchable. To see the exposure of email addresses in this breach, sign in to your dashboard and review results for your email address in the "Breaches" section under "Personal", or search any domains you control in the "Domains" section under "Business"."
https://haveibeenpwned.com/Breach/MyLovelyAI
https://www.malwarebytes.com/blog/news/2026/04/nsfw-app-leak-exposes-70000-prompts-linked-to-individual-users
https://www.helpnetsecurity.com/2026/04/09/mylovely-ai-data-breach-user-conversations/ - Chevin Pulls The Handbrake On FleetWave Software After Security Scare
"A cybersecurity incident has knocked FleetWave into a "major outage" across the UK and US after Chevin Fleet Solutions pulled parts of its SaaS platform offline and left customers scrambling for answers. The disruption, flagged on Chevin's public status page, aligns with an email sent to customers and seen by The Register in which the company confirms it took FleetWave environments hosted in Azure in both regions offline as a precaution. Chevin, which first confirmed disruption on April 3, says that it's working "around the clock with external cybersecurity specialists," carrying out artifact analysis and threat hunting across its systems while implementing additional security controls."
https://www.theregister.com/2026/04/09/chevin_fleetwave_security_incident/ - A Hacker Has Allegedly Breached One Of China’s Supercomputers And Is Attempting To Sell a Trove Of Stolen Data
"A hacker has allegedly stolen a massive trove of sensitive data – including highly classified defense documents and missile schematics – from a state-run Chinese supercomputer in what could potentially constitute the largest known heist of data from China. The dataset, which allegedly contains more than 10 petabytes of sensitive information, is believed by experts to have been obtained from the National Supercomputing Center (NSCC) in Tianjin – a centralized hub that provides infrastructure services for more than 6,000 clients across China, including advanced science and defense agencies. Cyber experts who have spoken to the alleged hacker and reviewed samples of the stolen data they posted online say they appeared to gain entry to the massive computer with comparative ease and were able to siphon out huge amounts of data over the course of multiple months without being detected."
https://edition.cnn.com/2026/04/08/china/china-supercomputer-hackers-hnk-intl
https://securityaffairs.com/190536/hacking/the-alleged-breach-of-chinas-national-supercomputing-center-can-have-serious-geopolitical-consequences.html
General News
- Microsoft Suspends Dev Accounts For High-Profile Open Source Projects
"Microsoft has suspended developer accounts used to maintain multiple high-profile open-source projects without proper notification and no way to quickly reinstate them, effectively blocking them from publishing new software builds and security patches for Windows users. The list of affected projects includes, but is not limited to, Virtual Private Network (VPN) software WireGuard, on-the-fly encryption (OTFE) utility VeraCrypt, the MemTest86 Random Access Memory (RAM) testing and diagnosis tool, and the Windscribe VPN software."
https://www.bleepingcomputer.com/news/microsoft/microsoft-suspends-dev-accounts-for-high-profile-open-source-projects/
https://www.theregister.com/2026/04/09/microsoft_dev_account_deactivations/ - March 2026 Cyber Threat Landscape Shows No Relief As Ransomware Rebounds And GenAI Risks Intensify
"In March 2026, global cyber attack activity showed early signs of moderation while remaining at historically elevated levels. The average number of weekly cyber-attacks per organization reached 1,995, representing a 4% decrease month over month and a 5% decline compared to March 2025. Despite this easing, the overall threat environment remains intense. Nearly 2,000 weekly attacks per organization continue to reflect sustained adversary pressure, driven by automation, broad attack surface expansion, and persistent exposure risks tied to cloud adoption and GenAI usage. Check Point Research data indicates that while short term fluctuations are emerging, cyber threats have not returned to pre-surge baselines and remain a constant operational reality for organizations worldwide."
https://blog.checkpoint.com/research/march-2026-cyber-threat-landscape-shows-no-relief-as-ransomware-rebounds-and-genai-risks-intensify/ - Do Ceasefires Slow Cyberattacks? History Suggests Not
"With the US and Iran having reached a fragile ceasefire this week, security researchers and executives are left wondering whether there will be a commensurate pause in the cyberwarfare that has ramped up around the war. The day after the temporary truce was announced, Iran's most high-profile false-flag hacktivist operation, Handala, offered that it would participate in a temporary pause in hostilities. But even if one takes that group at its word, history suggests that ceasefires rarely stop or slow cyberactivity surrounding kinetic wars. In fact, in the absence of more effective ways of fighting, cyberattacks tend to flare significantly."
https://www.darkreading.com/cybersecurity-analytics/ceasefires-slow-cyberattacks-history - Seven Signals Cyber Experts Agreed On At FIRST Paris 2026
"The cybersecurity industry has been facing multiple parallel challenges in recent years. The pace at which cybercrime evolves is hard to match, but gatherings like FIRST provide a unique opportunity for the community to convene, reflect, and move forward together. These events are not only about new technologies, but also about perspectives coming together to strengthen our security stance. Collaboration remains one of the most powerful responses defenders have against increasingly coordinated adversaries. In many ways, attackers already operate as networks. The challenge now is for defenders to realize their collective potential."
https://www.group-ib.com/blog/seven-cyber-signals-first-paris-2026/ - AI Agent Intent Is a Starting Point, Not a Security Strategy
"In this Help Net Security interview, Itamar Apelblat, CEO of Token Security, walks through findings from the company’s research, which shows that 65% of agentic chatbots have never been used yet still hold live access credentials. He explains why organizations treat AI agents more like quick experiments than governed identities, and why that creates risks similar to orphaned service accounts, only harder to see. The conversation covers why 51% of external agent actions still rely on hard-coded credentials, how a single injected prompt can move through a multi-agent pipeline without triggering any conventional SOC alert, and why 81% of cloud-deployed agents run on self-managed frameworks. Apelblat also breaks down what it means to operationalize agent intent as policy, and why enforcement needs to survive the moment a user reprompts the agent with something its original configuration never anticipated."
https://www.helpnetsecurity.com/2026/04/09/itamar-apelblat-token-security-ai-agents-security-risks/ - Prompt Injection Tags Along As GenAI Enters Daily Government Use
"Routine use of GenAI has moved into daily operations in state and territorial government environments, placing new security risks within common workflows. A Center for Internet Security (CIS) report, Prompt Injections: The Inherent Threat to Generative AI, identifies prompt injection as a persistent concern tied to that adoption."
https://www.helpnetsecurity.com/2026/04/09/genai-prompt-injection-enterprise-data-risk/
https://learn.cisecurity.org/msisac-prompt-injections - Governance Gaps Emerge As AI Agents Drive 76% Increase In NHIs
"The SANS Institute has warned that the race to incorporate AI into enterprise workflows threatens to outpace security efforts, after revealing widespread credential hygiene failings. The security training and research organization presented the findings as part of its 2026 SANS State of Identity Threats & Defenses Survey, which is based on interviews with over 500 security professionals globally. It revealed that three-quarters (76%) of organizations report growth in non-human identities (NHIs) such as service accounts, API keys, automation bots and workload identities."
https://www.infosecurity-magazine.com/news/governance-gaps-agents-76-increase/ - Critical Infrastructure At Risk: 179 ICS Devices Exposed Online
"Malware affecting industrial control systems (ICS) has the potential to disrupt the key industries that underpin modern society. Variants such as Industroyer, Stuxnet, Havex, Triton, and BlackEnergy have demonstrated the ability to interfere with industrial processes, disrupt power supplies, and, in some cases, cause physical damage to critical infrastructure. According to Cyble Research & Intelligence Labs’ most recent report, ICS vulnerability disclosures almost doubled between 2024 and 2025. This increase, says Digital Watch Observatory, is linked in part to “greater exploitation by threat actors” seeking to compromise energy, manufacturing, and utilities infrastructure."
https://www.comparitech.com/news/critical-infrastructure-at-risk-179-ics-devices-exposed-online/
https://securityaffairs.com/190525/ics-scada/internet-exposed-ics-devices-raise-alarm-for-critical-sectors.html - Can We Trust AI? No – But Eventually We Must
"The increasing use of artificial intelligence within and by business is problematic on two fronts: firstly, we rely on it as if it were the voice of God, and secondly, attackers are able to turn our reliance against us. First, we must understand how AI works and where it is weak lest we misinterpret how adversaries attack it, and secondly we should look at the growing industry of companies trying to defend it. The primary problem with current LLM-based AI is that it starts from a position that is not grounded in truth (primarily by scraping and ingesting the internet with all its falsehoods), while the nature of its operation makes it drift ever further away. It is impossible to verify what it tells us (because of our own and its inherent biases), it can get things wrong (sometimes absurdly so with what we call ‘hallucinations’); it has a tendency to drift into sycophancy (it wants to tell us what it assumes we want to hear); and its whole edifice is in danger (from what is termed ‘model collapse’)."
https://www.securityweek.com/can-we-trust-ai-no-but-eventually-we-must/ - The Hidden ROI Of Visibility: Better Decisions, Better Behavior, Better Security
"Unfortunately, we have a problematic and unstable neighbor. Without getting into details, he often yells obscenities, threatens physical harm, threatens property damage, and other such undesirable things. Sadly, involving the police from time to time and getting two restraining orders did not discourage this neighbor from his outbursts and threats. The police and courts explained to us that a healthy person is afraid of the law. This is logical – most of us don’t commit crimes, and this is partly because we are afraid of the consequences. But when a person is unstable and believes that they can talk their way out of anything as long as it is your word against theirs, there is little recourse. In other words, if a person is careful to behave badly only when there is no record of that behavior, it is very difficult for the police and courts to do much about it."
https://www.securityweek.com/the-hidden-roi-of-visibility-better-decisions-better-behavior-better-security/ - Q1 2026 Attack Technique Trends Report
"The cyber attack landscape in Q1 2026 was characterized by a step change from traditional mass-automated threats, with accelerated penetration rates driven by the use of AI, identity-centric attacks, exploitation of supply chain and SaaS linkages, and a combination of social engineering and vulnerability exploitation. threat actors are no longer relying on a single technique, but are evolving toward cascading multiple tactics and techniques to bypass detection and increase dwell time. As threat actors leverage generative AI and automation tools to quickly generate phishing messages, conduct reconnaissance, code mutation, and evade detection, the barrier to entry for attacks has been lowered and the speed of execution has increased. this means that the speed of response and detection on the defense side is even more critical than in the past."
https://asec.ahnlab.com/en/93278/
อ้างอิง
Electronic Transactions Development Agency (ETDA)
- Iranian-Affiliated APT Targeting Of Rockwell/Allen-Bradley PLCs
