Your AI could be tricked into spying on you
Hackers are weaponizing AI vision tools to act as digital spies, and doing so at breakneck speed. In just 12 hours, attackers were caught using an LMDeploy flaw to scan private cloud networks, essentially turning what’s meant to be a helpful tool into a massive risk vector. This lightning-fast exploitation is part of what Dutch intelligence director Simone Smit calls a perfect storm of modern threats, where state actors like Russia and China are increasingly blending digital and physical sabotage. This week, we’re also looking at a sabotage tool that actually predates Stuxnet, a bizarre case of professional ransomware negotiators switching sides to help the bad guys, and a new gadget from the UK that stops your HDMI cables from talking behind your back.
GitHub published GHSA-6w67-hwm5-92mq, later assigned CVE-2026-33626, a Server-Side Request Forgery (SSRF) vulnerability in LMDeploy. LMDeploy is a toolkit for serving vision-language and text large language models (LLMs) developed by Shanghai AI Laboratory, InternLM. Within 12 hours and 31 minutes of its publication on the main GitHub advisory page, the Sysdig Threat Research Team (TRT) observed the first LMDeploy exploitation attempt against our honeypot fleet. The attacker did not simply validate the bug and move on. Instead, over a single eight-minute session, they used the vision-language image loader as a generic HTTP SSRF primitive to port-scan the internal network behind the model server.
https://www.sysdig.com/blog/cve-2026-33626-how-attackers-exploited-lmdeploy-llm-inference-engines-in-12-hours
According to Ukrinform reporting on the Dutch National Security Service (AIVD) annual assessment, the Netherlands faces the most intense security environment it has encountered in eight decades. The agency’s 2024 review lists Russia, China, organized cybercrime, and extremist groups as simultaneous sources of risk, a combination AIVD Director Simone Smit says has never before strained the country’s defenses.
https://blackwirein.tel/article/dutch-intelligence-flags-unprecedented-multivector-threats-russia-china-cybercrime-terrorism
Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran's nuclear program by destroying uranium enrichment centrifuges. According to a new report published by SentinelOne, the previously undocumented cyber sabotage framework dates back to 2005, primarily targeting high-precision calculation software to tamper with results. It has been codenamed fast16.
https://thehackernews.com/2026/04/researchers-uncover-pre-stuxnet-fast16.html
Anthropic's Mythos model is purportedly so good at finding vulnerabilities that the Claude-maker is afraid to make it available to the general public for fear that criminals will take advantage. But early analysis shows that Mythos may not be as dangerous as some would have you believe.
https://www.theregister.com/2026/04/22/anthropic_mythos_hype_nothingburger
Hackers working for the Chinese government are increasingly hiding their attacks behind ready-made networks of hacked routers and other networking equipment, the U.S. and several allies said on Thursday. Attackers’ use of these so-called covert networks is not new, the agencies said in a joint advisory, “but China-nexus cyber actors are now using them strategically, and at scale.”
https://www.cybersecuritydive.com/news/china-botnets-cyberattacks-covert-networks-advisory/818309/
A newly identified infostealer called Storm has emerged on underground cybercrime forums in early 2026, signalling a change in how attackers steal and use credentials. Priced at under $1,000 per month, the malware collects browser-stored data such as login credentials, session cookies, and cryptocurrency wallet information, then covertly transfers the data to attacker-controlled servers where it is decrypted outside the victim’s system.
https://www.cysecurity.news/2026/04/new-malware-storm-steals-browser-data.html
In October 2025, the US announced charges against three individuals for allegedly conducting ransomware attacks against several companies. Authorities said the suspects were tasked with helping victims, but instead they helped the attackers in return for a share of the ransom. Two of the suspects, Kevin Martin from Texas and Ryan Goldberg from Georgia, pleaded guilty in late 2025 and await sentencing, scheduled for the end of April. The identity of the third individual was only revealed in March 2026. He is 41-year-old Angelo Martino from Florida, who worked with Martin as a ransomware negotiator at an incident response firm. Goldberg worked for a different cybersecurity company.
https://www.securityweek.com/third-us-security-expert-admits-helping-ransomware-gang/
Application security vendors Socket and StepSecurity say a self-propagating CanisterWorm-style malware strain hit multiple npm packages tied to Namastex Labs, an agentic AI company. The campaign appears to target specialized developer workflows as opposed to broad consumer npm usage.
https://www.theregister.com/2026/04/22/another_npm_supply_chain_attack
Infosec outfit SentinelOne found malware that tries to induce errors in engineering and physics simulation software and therefore represents an attempt at sabotage, and suggests it was created years before the Stuxnet worm that aimed to destroy Iran’s uranium enrichment centrifuges.
https://www.theregister.com/2026/04/24/fast16_sabotage_malware
UK enterprise software consultancy The Adaptavist Group is investigating a security breach after an intruder logged in with stolen credentials, while a ransomware crew claims it grabbed far more than the company is currently admitting.
https://www.theregister.com/2026/04/21/adaptavist_group_breach_spawns_impostor
Hackers working for the Chinese government are increasingly hiding their attacks behind ready-made networks of hacked routers and other networking equipment, the U.S. and several allies said on Thursday. Attackers’ use of these so-called covert networks is not new, the agencies said in a joint advisory, “but China-nexus cyber actors are now using them strategically, and at scale.”
https://www.cisa.gov/news-events/cybersecurity-advisories/aa26-113a
UK spy agency releases malware-blocking gadget for HDMI and DisplayPort cables — SilentGlass blocks malicious traffic traveling between display and computer
https://www.tomshardware.com/tech-industry/cyber-security/uk-spy-agency-releases-malware-blocking-gadget-for-hdmi-and-displayport-cables-silentglass-blocks-malicious-traffic-traveling-between-display-and-computer
Indirect Prompt Injection (IPI) is a top priority for the security community, which anticipates it as a primary attack vector for adversaries to target and compromise AI agents. But while the danger of IPI is widely discussed, are threat actors actually exploiting this vector today?
https://security.googleblog.com/2026/04/ai-threats-in-wild-current-state-of.html
When Anthropic accidentally leaked the source of the Claude Code client application via an NPM source map, certain sections of the internet exploded with people suddenly becoming experts in code review. Some folks ported the code to various languages, some folks embedded malware in forks of it, and some folks tossed the whole thing into an LLM and presumably prompted “Make me look smart on LinkedIn”.
https://liminalstack.com/posts/operon-kairos/
Suspected state-sponsored attackers are using a custom backdoor to persistently compromise Cisco security devices (firewalls), the US CISA and the UK National Cyber Security Centre warned on Thursday. Cisco Talos researchers say that Firestarter embeds itself into the device’s boot sequence by manipulating a startup configuration list, ensuring it automatically reactivates every time the device restarts normally.
https://www.helpnetsecurity.com/2026/04/24/cisco-firepower-firestarter-backdoor/
Cybersecurity researchers have discovered a set of malicious apps on the Apple App Store that impersonate popular cryptocurrency wallets in an attempt to steal recovery phrases and private keys since at least fall 2025.
https://thehackernews.com/2026/04/26-fakewallet-apps-found-on-apple-app.html
The Office of Inspector General (OIG) of the U.S. National Aeronautics and Space Administration (NASA) has revealed how a Chinese national posed as a U.S. researcher as part of a spear-phishing campaign to obtain sensitive information from the space agency, as well as from government entities, universities, and private companies, in violation of export control laws.
https://thehackernews.com/2026/04/nasa-employees-duped-in-chinese.html
Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid.
https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/
Threat actors are exploiting a critical flaw, tracked as CVE-2026-3844 (CVSS score of 9.8), in the Breeze Cache WordPress plugin, allowing them to upload files to a server without authentication. The vulnerability has already been used in over 170 attack attempts detected by Wordfence.
https://securityaffairs.com/191267/uncategorized/over-400000-sites-at-risk-as-hackers-exploit-breeze-cache-plugin-flaw-cve-2026-3844.html
A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named “Snow,” which includes a browser extension, a tunneler, and a backdoor. Their goal is to steal sensitive data after deep network compromise through credential theft and domain takeover.
https://www.bleepingcomputer.com/news/security/threat-actor-uses-microsoft-teams-to-deploy-new-snow-malware/
Bitwarden CLI has been compromised as part of the ongoing Checkmarx supply chain campaign, researchers warn. The affected version, @bitwarden/cli 2026.4.0, contained malicious code hidden in the bw1.js file. The breach likely stemmed from a compromised GitHub Action in Bitwarden’s CI/CD pipeline, mirroring tactics seen in other attacks in this campaign.
https://securityaffairs.com/191215/malware/checkmarx-supply-chain-attack-impacts-bitwarden-npm-distribution-path.html
Trigona ransomware now uses a custom command-line tool to steal data faster and evade detection, replacing tools like Rclone and MegaSync.
https://securityaffairs.com/191294/cyber-crime/trigona-ransomware-adopts-custom-tool-to-steal-data-and-evade-detection.html
Utility technology company Itron, Inc. has disclosed that an unauthorized third party accessed some of its internal systems during a cyberattack. The company states that it activated its cybersecurity response plan when detecting the activity last month, notified law enforcement authorities, and engaged external advisors to support the investigation and incident containment.
https://www.bleepingcomputer.com/news/security/american-utility-firm-itron-discloses-breach-of-internal-it-network/
CrowdStrike fixed CVE-2026-40050 in LogScale self-hosted, a critical flaw allowing unauthenticated file access via path traversal.
https://securityaffairs.com/191343/hacking/critical-bug-in-crowdstrike-logscale-let-attackers-access-files.html
Cybersecurity researchers at the identity protection firm Silverfort found a vulnerability in a Microsoft platform built to manage AI. The issue involved Microsoft Entra Agent ID, an identity and authorisation framework that gives AI agents their own identities.
https://hackread.com/microsoft-entra-agent-id-flaw-tenant-takeover/
Itron disclosed a cyber incident involving unauthorized access to part of its internal IT systems, detected on April 13, 2026. The company activated its incident response plan, engaged external cybersecurity experts, and notified law enforcement to investigate and contain the intrusion. The company reported that no unauthorized activity was seen in the customer-hosted portion of its systems, which is an important detail because Itron works with utility infrastructure and critical operational environments.
https://securityaffairs.com/191360/data-breach/u-s-utility-giant-itron-discloses-a-security-breach.html
Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users into sending international text messages that incur charges on their mobile bills, generating illicit revenue for the threat actors who lease the phone numbers.
https://thehackernews.com/2026/04/fake-captcha-irsf-scam-and-120-keitaro.html