Cybersecurity Weekly — Apr 22, 2026
Week of April 22, 2026
The Big Picture
This week told one story in three voices: the tools you trust most are the ones getting you hacked. A Vercel employee connected an AI productivity app to their work Google account and handed a thief the keys to a sizable chunk of the modern internet. A ransomware crew spent 36 quiet days inside Cisco's firewall-management console — the thing enterprises buy to prevent ransomware. And a PDF that made it to your inbox sometime around Christmas may have been quietly casing your laptop ever since. The throughline isn't clever new malware. It's that attackers have stopped trying to break your locks and started walking in through the vendors, consoles, and "Allow All" buttons you already approved.
What Just Dropped
- CVE-2026-34621 — Adobe Acrobat and Reader (DC, 2024): patched April 11, actively exploited for four to five months prior to the patch, added to CISA KEV April 13 with a federal deadline of April 27. Malicious PDFs execute obfuscated JavaScript to fingerprint systems and exfiltrate data.
- CVE-2026-20131 — Cisco Secure Firewall Management Center: patched March 4, CVSS 10.0, exploited by Interlock ransomware for 36 days before Cisco's patch. Unauthenticated remote root via arbitrary Java execution on the console that runs your firewalls.
- CVE-2026-32201 — Microsoft SharePoint Server: patched in April Patch Tuesday (one of 169 fixes), actively exploited, CVSS 6.5 spoofing flaw. CISA federal deadline April 28; roughly 1,370 SharePoint servers reachable from the public internet.
- CVE-2026-35616 — Fortinet FortiClient EMS 7.4.5 and 7.4.6: hotfix available, full patch pending in 7.4.7, CVSS 9.1, actively exploited and being chained with CVE-2026-21643 (SQL injection) for full RCE. Shadowserver counted about 2,000 exposed instances.
- Lumma Stealer → Context.ai → Vercel OAuth chain — infostealer deployment via Roblox cheat scripts; attacker pivoted through a compromised AI productivity tool's OAuth scopes into Vercel's Google Workspace. Data reportedly listed for $2 million on BreachForums.
This Week's Stories
The Roblox Cheat That Broke Vercel
Here's the sentence every IT manager will be reading twice this week: a breach at one of the most important web hosting platforms on the internet began with a developer at a small AI startup downloading a Roblox cheat script.
According to CyberScoop's reporting on Hudson Rock's analysis, a Context.ai employee was infected with Lumma Stealer in February after searching for Roblox "auto-farm" exploits — a well-worn infostealer delivery vector. That malware scraped the employee's credentials, including OAuth tokens (the digital "already logged in" passes apps use to stay connected to your Google account). One of Context.ai's users was a Vercel employee who had granted the app broad permissions in Vercel's enterprise Google Workspace. The attacker rode the chain in.
From there, per Vercel's own incident bulletin, the intruder accessed Vercel environments and environment variables not marked "sensitive" — the files where developers store AWS credentials, database passwords, and payment-processor API keys. TechCrunch reports the breach may affect "hundreds of users across many organizations." Data is reportedly being sold on BreachForums for $2 million by an actor posing as ShinyHunters, though BleepingComputer notes threat actors tied to recent ShinyHunters campaigns have denied involvement.
What changes if this keeps unraveling: every org that approved an AI productivity tool in the last 18 months has to assume its OAuth scopes are now an attack surface, not a convenience feature. What to watch: downstream breach notifications from Vercel customers over the next four to six weeks. If they cluster around crypto, fintech, or infrastructure-as-code shops, the blast radius was much bigger than Vercel's initial "limited" framing suggests.
Rotate your Vercel environment variables today. Then pull your Google Workspace OAuth app report and look hard at what you've approved.
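One way to do that review, as an added example that is not from the newsletter, Vercel or Context.ai: the script below takes a Google Workspace OAuth token report reduced to a constructed list of grants and flags every app holding mailbox or Drive scopes, the standing access a stolen token inherits. The scope strings are real Google scopes; the risk tiering, the sample apps and users are assumptions.

```python
"""Flag over-broad third-party OAuth grants in a Google Workspace tenant.

Added example, not from the newsletter, Vercel or Context.ai. Input is assumed
to be the Admin console's OAuth token report reduced to a list of dicts
(app, granting user, scopes); the sample rows below are constructed.
"""
from collections import defaultdict
# Scopes that give an app, and anyone holding a stolen token for it, standing
# access to mail or files. Scope strings are real Google scopes; tiering is ours.
HIGH_RISK_SCOPES = {
    "https://mail.google.com/": "full mailbox read/write/delete",
    "https://www.googleapis.com/auth/gmail.readonly": "read all mail",
    "https://www.googleapis.com/auth/drive": "read/write all Drive files",
    "https://www.googleapis.com/auth/drive.readonly": "read all Drive files",
}
# Identity-only scopes, all a plain sign-in-with-Google flow needs.
LOW_RISK_SCOPES = {"openid", "email", "profile",
                   "https://www.googleapis.com/auth/userinfo.email",
                   "https://www.googleapis.com/auth/userinfo.profile"}

def audit_grants(grants):
    """Return {app: {"users": n, "risky": [(scope, why)], "unreviewed": [scope]}}
    for each app holding a high-risk or untiered scope for any user; apps whose
    grants are identity-only are omitted."""
    per_app = defaultdict(lambda: {"users": set(), "scopes": set()})
    for g in grants:  # one row per (app, user) grant, as in the token report
        per_app[g["app"]]["users"].add(g["user"])
        per_app[g["app"]]["scopes"].update(g["scopes"])
    findings = {}
    for app, info in per_app.items():
        risky = sorted((s, HIGH_RISK_SCOPES[s]) for s in info["scopes"]
                       if s in HIGH_RISK_SCOPES)
        unreviewed = sorted(s for s in info["scopes"]
                            if s not in HIGH_RISK_SCOPES and s not in LOW_RISK_SCOPES)
        if risky or unreviewed:
            findings[app] = {"users": len(info["users"]), "risky": risky,
                             "unreviewed": unreviewed}
    return findings

# Constructed sample grants, not real tenant data.
SAMPLE_GRANTS = [
    {"app": "notes-ai (third party)", "user": "alice@example.com",
     "scopes": ["openid", "email", "https://www.googleapis.com/auth/drive",
                "https://mail.google.com/"]},
    {"app": "notes-ai (third party)", "user": "bob@example.com",
     "scopes": ["openid", "email", "https://www.googleapis.com/auth/drive"]},
    {"app": "sso-only-tool", "user": "carol@example.com",
     "scopes": ["openid", "email", "profile"]},
    {"app": "calendar-widget", "user": "dave@example.com",
     "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
]
if __name__ == "__main__":
    for app, f in audit_grants(SAMPLE_GRANTS).items():
        print(app, f["users"], "user(s)", f["risky"], f["unreviewed"])
```

Anything in the "unreviewed" bucket is a scope you have not consciously tiered yet; the point of the exercise is that an app's worst scope across all its users is the blast radius if that app is compromised.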
The Ransomware Gang That Had a 36-Day Head Start
Imagine you patch every vulnerability the day it drops. You're doing everything right. And you still got hit — amid evidence the attackers knew about the bug five weeks before anyone else did.
That's CVE-2026-20131: a CVSS 10.0 flaw in Cisco Secure Firewall Management Center — the console enterprises use to run their Cisco firewalls. Per The Hacker News, an unauthenticated attacker on the internet could bypass authentication and execute arbitrary Java code as root. Amazon's threat intelligence team found the Interlock ransomware group had been exploiting it since January 26, 2026 — 36 days before Cisco's March 4 patch. Amazon's researchers discovered this by simulating a successful exploit and tricking the attackers into delivering their toolkit to an AWS-controlled host; that toolkit led back to a central hub the attackers were running on a victim's infrastructure.
Interlock's preferred targets, per SecurityWeek: education, engineering, manufacturing, healthcare, and government — sectors where operational downtime forces fast payment.
What changes if this pattern holds: "patch promptly" stops being a meaningful defense posture for network-management appliances. The window between first exploitation and public disclosure is now the prime hunting season, and it's measured in months. What to watch: public breach disclosures from Cisco FMC customers over the next six to eight weeks. Organizations compromised during that 36-day window are only now finishing incident response.
ShinyHunters Hit 13.5 Million Students and Educators — Via a Misconfigured Cloud Setting
● Canada
If you've ever bought a McGraw Hill textbook or taken an online course using its platform, check your inbox settings. Your contact information is probably on a hacker's leak site now.
BleepingComputer reports that the ShinyHunters extortion group leaked data from 13.5 million McGraw Hill user accounts, stolen via a misconfigured Salesforce environment. McGraw Hill — a 117-year-old educational publisher with $2.2 billion in annual revenue — confirmed the breach but called the exposure "limited." More than 100GB of data was publicly distributed, containing 13.5 million unique email addresses plus inconsistently populated fields for names, addresses, and phone numbers.
The Register notes the vector is the real story: most Salesforce compromises don't stem from flaws in Salesforce itself, but from stolen credentials, abused OAuth apps, or over-permissioned integrations that give attackers legitimate access. BleepingComputer's reporting ties ShinyHunters to a systematic 2026 campaign that's also hit Rockstar Games, Wynn Resorts, the European Commission, Hims & Hers, Telus Digital, Canada Goose, Match Group, Panera Bread, and CarGurus — same method, same playbook.
What changes if this keeps working: Salesforce stops being treated as infrastructure and starts being treated as an attack surface, with the audit budget to match. What to watch: insurance underwriters pricing Salesforce misconfiguration into premiums. That's the canary for whether "cloud misconfiguration" becomes a board-level line item.
The PDF You Opened Four Months Ago May Have Already Reported Back
● Russia · NATO Europe
PDFs are the most trusted file format in business — invoices, contracts, research papers — and that trust has been weaponized for months.
Per TechCrunch, Adobe patched CVE-2026-34621 on April 11 in Acrobat DC, Reader DC, and Acrobat 2024. Researcher Haifei Li discovered the flaw after a malicious PDF was anonymously uploaded to VirusTotal on March 23 — where, Dark Reading reports, just five of 64 security tools flagged it as suspicious. Li told BleepingComputer exploitation had been seen in attacks since at least December, making the quiet window closer to four or five months.
The malware's behavior is what should unsettle you. Rather than immediately deploying a payload, it uses Adobe Reader APIs to reconnoiter — harvesting OS version, installed software, language settings, and file paths — and phones home for instructions. SecurityWeek reports the lures were in Russian and referenced current events in Russia's oil and gas sector, which Li says suggests an APT. CISA added it to KEV on April 13 with a federal deadline of April 27.
What changes if this goes unaddressed at enterprise scale: every PDF received from an external party in Q1 becomes a potential fingerprint submission. What to watch: which nation-state gets formally attributed. The Russian-language oil-and-gas targeting fits several possible actors, and the attribution will shape how NATO-aligned defenders prioritize PDF-based threat hunting.
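For mail-gateway or SOC teams who want a first-pass filter, here is an added example that is not from Adobe, the researcher, or the newsletter, and not a signature for CVE-2026-34621: it flags any inbound PDF that carries JavaScript together with an open-time trigger, which an invoice or contract has no reason to. The sample PDFs are constructed inline, including one whose action dictionary is hidden in a Flate-compressed object stream (the place a naive grep misses); the marker descriptions are our own.

```python
"""Triage inbound PDFs for JavaScript and auto-open triggers before delivery.

Added example, not from Adobe, the researcher, or the newsletter, and not a
signature for CVE-2026-34621. Sample PDFs are constructed inline and the
embedded script only opens a dialog.
"""
import re
import zlib

# PDF name objects a script-bearing lure needs; the descriptions are ours.
MARKERS = {
    b"/JavaScript": "JavaScript action dictionary",
    b"/JS": "inline or stream-backed script body",
    b"/OpenAction": "action fired when the document opens",
    b"/AA": "additional actions (page or form-field triggers)",
    b"/Launch": "launch of an external program",
}

def _visible_bytes(data):
    """Raw bytes plus every FlateDecode stream inflated: modern PDFs tuck
    dictionaries into compressed object streams, where a plain grep misses them."""
    chunks = [data]
    for m in re.finditer(rb"stream\r?\n(.*?)\r?\nendstream", data, re.S):
        try:
            chunks.append(zlib.decompress(m.group(1)))
        except zlib.error:
            pass  # not Flate-compressed or truncated; raw bytes are still scanned
    return b"\n".join(chunks)

def triage_pdf(data):
    """Return (verdict, found) where found maps each marker seen to its meaning.
    'quarantine' = script and an auto-trigger together, 'review' = either alone
    (or /Launch), 'clean' = none of the markers present."""
    text = _visible_bytes(data)
    found = {k.decode(): v for k, v in MARKERS.items()
             if re.search(re.escape(k) + rb"(?![A-Za-z])", text)}  # /JS is not /JSx
    has_js = "/JavaScript" in found or "/JS" in found
    has_trigger = "/OpenAction" in found or "/AA" in found
    if has_js and has_trigger:
        return "quarantine", found
    if has_js or has_trigger or "/Launch" in found:
        return "review", found
    return "clean", found

# Constructed sample: the JavaScript action lives in a Flate-compressed object
# stream (object 3), and the catalog's /OpenAction points at it.
_objstm = zlib.compress(b"3 0 << /S /JavaScript /JS (app.alert('hi')) >>")
_hdr = (b"2 0 obj << /Type /ObjStm /N 1 /First 4 /Filter /FlateDecode /Length "
        + str(len(_objstm)).encode() + b" >>\nstream\n")
SAMPLE_PDF = (b"%PDF-1.7\n1 0 obj << /Type /Catalog /OpenAction 3 0 R >> endobj\n"
              + _hdr + _objstm + b"\nendstream\nendobj\n%%EOF\n")
BENIGN_PDF = b"%PDF-1.7\n1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n%%EOF\n"
```

This catches the document features a script-based lure depends on, not the exploit itself; a PDF with encrypted strings or non-Flate filters would need the corresponding decoder added to _visible_bytes.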
Operation PowerOFF Took Down 53 DDoS-for-Hire Sites — and Sent Warning Letters to 75,000 Customers
For years, anyone with $20 and a grudge could rent a "booter" and knock a competitor, an ex, or a gaming rival offline. Europol just made that significantly more uncomfortable.
Digital Forensics Magazine reports that authorities in 21 countries seized 53 DDoS-for-hire domains, arrested four suspects, executed 25 searches, and — per the U.S. Justice Department — sent warnings to roughly 75,000 identified customers. The letters are the novel part. Previous PowerOFF sweeps focused on infrastructure; those services rebuilt. Telling 75,000 people "we know you paid for this" changes the math for would-be customers who assumed anonymity was part of the purchase.
What changes if this works: demand-side enforcement becomes the default cybercrime deterrence model, not the exception. What to watch: whether follow-on indictments emerge from that customer database over the next 12–18 months. If they do, law enforcement has a reusable playbook. If they don't, the letters were theater and the services will quietly rebuild at higher prices.
Microsoft Says Medusa Affiliates Are Collapsing the Time Between Disclosure and Deployment
● United States
The old mental model of ransomware is "hackers sneak in, lurk for weeks, then encrypt everything." Microsoft's April 6 threat intelligence post on the actor it tracks as Storm-1175 — linked to Medusa ransomware — describes something much faster.
Microsoft documents weaponization of some disclosed bugs within a day, with initial access to ransomware deployment sometimes happening in the same 24-hour window. The group has also used zero-days in at least three operations, including SmarterMail CVE-2026-23760 and GoAnywhere MFT CVE-2025-10035, before public disclosure.
What changes if this speed becomes standard: the break-in and the robbery become the same event. Security teams lose the dwell-time window they've relied on for detection-in-depth. What to watch: whether cyber insurance carriers start excluding "vulnerable web-facing asset" coverage from policies. That's the signal that the patch-gap risk has become uninsurable at commodity prices.
Cisco's SD-WAN Control Plane Is Turning Into an Intrusion Shortcut
● United States
Quieter than the FMC story but pulling the same direction: Cisco updated its advisory for Catalyst SD-WAN Manager after confirming active exploitation of multiple flaws, including CVE-2026-20122 (arbitrary file overwrite), CVE-2026-20128 (stored credential disclosure), and CVE-2026-20129 (unauthenticated authentication bypass). Cisco's PSIRT indicates upgrading to fixed releases — 20.9.8.2, 20.12.6.1, 20.15.4.2, or 20.18.2.1 — is the only reliable remediation.
The ugly part is where these bugs live: in the control plane large enterprises use to manage branch connectivity at scale. Successful exploitation is functionally equivalent to stealing the network master key. Combined with Interlock's Cisco FMC campaign, a pattern is hardening: adversaries are bypassing endpoint telemetry entirely by targeting management appliances, which often carry long-lived privileged sessions and almost never have EDR agents watching them.
What changes if the pattern continues: network device forensics — currently a niche skill — becomes table stakes for incident response. What to watch: whether CISA starts requiring federal agencies to deploy dedicated monitoring for network management appliances. If they do, expect the private sector to follow within a year.
⚡ What Most People Missed
- A researcher documented building a working Chrome exploit using Anthropic's Claude Opus for roughly $2,283 in API costs, by automating a propose-code → run → feed-back-errors loop. The write-up has had almost no English-language coverage, but it's a concrete data point in the debate over whether AI meaningfully lowers the bar for exploit development. The answer, increasingly, appears to be yes. [Source: Xakep.ru — Russian]
- NIST announced it will stop enriching low-severity CVEs due to volume, which means commercial vulnerability scanners that pull severity scores directly from NVD may silently stop flagging entire classes of bugs. Nobody explicitly decided to create that blind spot; it's going to appear in enterprise dashboards anyway. [Source: Xakep.ru — Russian]
- The Everest extortion group claims it stole 3.4 million records from Citizens Bank, per Russian-language forum chatter. Such claims deserve skepticism, but Everest has a track record of selling valid initial access — worth monitoring for confirmation or follow-on leaks.
- Finland will direct €1 million through the Tallinn Mechanism to strengthen Ukraine's civilian and critical-infrastructure cyber resilience by end of 2026, per Ukraine's State Service of Special Communications. Quiet capacity-building that matters long after the headlines fade.
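To make the NVD point concrete, an added example that is not from the newsletter or any scanner vendor: the naive scoring path below is how a CVE with no NVD-sourced metric silently collapses to 0.0 and vanishes, while the triage path prefers the NVD score, falls back to any other source's CVSS v3.1 (typically the CNA's), and reports a CVE with no score at all as "unscored, review" instead of "low". The record shape is assumed to follow NVD API 2.0 JSON; the records and CVE IDs are constructed placeholders.

```python
"""Keep CVEs that NVD never scored visible instead of letting them drop to 0.0.

Added example, not from the newsletter or any scanner vendor. Records are
constructed and shaped like NVD API 2.0 JSON (cve.metrics.cvssMetricV31[]);
that path is an assumption about your feed, adjust it if yours differs.
"""

FLAG_THRESHOLD = 7.0  # report HIGH and above, a common scanner default

def naive_score(record):
    """The silent failure: no NVD-sourced metric collapses to 0.0, so the CVE
    never crosses the threshold and never appears on a dashboard."""
    metrics = record["cve"].get("metrics", {}).get("cvssMetricV31", [])
    nvd = [m for m in metrics if m.get("source") == "nvd@nist.gov"]
    return nvd[0]["cvssData"]["baseScore"] if nvd else 0.0

def triage(record):
    """Return (score_or_None, status). Prefer the NVD score, fall back to any
    other source's CVSS v3.1 (typically the CNA), and mark a CVE with no score
    at all as 'unscored_review' rather than treating it as low."""
    metrics = record["cve"].get("metrics", {}).get("cvssMetricV31", [])
    for preferred in ("nvd@nist.gov", None):  # NVD first, then anything else
        for m in metrics:
            if preferred is None or m.get("source") == preferred:
                score = m["cvssData"]["baseScore"]
                return score, ("flag" if score >= FLAG_THRESHOLD else "below_threshold")
    return None, "unscored_review"  # the enrichment gap, kept visible

def compare(records):
    """Side by side: what the naive path flags versus what triage reports."""
    out = {}
    for r in records:
        score, status = triage(r)
        out[r["cve"]["id"]] = {"naive_flagged": naive_score(r) >= FLAG_THRESHOLD,
                               "score": score, "status": status}
    return out

# Constructed records with placeholder IDs, not real CVE data.
SAMPLE = [
    {"cve": {"id": "CVE-0000-0001", "metrics": {"cvssMetricV31": [
        {"source": "nvd@nist.gov", "cvssData": {"baseScore": 9.8}}]}}},
    {"cve": {"id": "CVE-0000-0002", "metrics": {"cvssMetricV31": [  # CNA score only
        {"source": "cna@vendor.example", "cvssData": {"baseScore": 8.1}}]}}},
    {"cve": {"id": "CVE-0000-0003", "metrics": {}}},  # never scored by anyone
]

if __name__ == "__main__":
    for cve_id, row in compare(SAMPLE).items():
        print(cve_id, row)
```

The second record is the one to look at: a CNA scored it 8.1, but a scanner that only trusts the nvd@nist.gov source never flags it, and the third record shows the bucket that should exist on your dashboard but usually does not.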
From the Foreign Press
Ukraine's CERT: Russian-Aligned Actors Are Phishing Hospitals and FPV Drone Operators With Fake Humanitarian Aid Emails
● Ukraine
CERT-UA published a detailed advisory on the UAC-0247 cluster (also tracked as UAC-0244) documenting a March–April surge of attacks against clinical hospitals, emergency services, municipal authorities, and — notably — operators of FPV drones. The lures impersonate humanitarian aid coordination and ask recipients to click links to register for assistance; the payload is a remote-access trojan. The FPV drone operator targeting is the novel wrinkle: it suggests the actor is no longer just collecting generic intelligence but specifically trying to identify and compromise individual military-adjacent operators via their civilian inboxes. Empathy, in wartime, is now an attack vector — and the contextual phishing templates perfected in Ukraine historically migrate to Western targets within months. Source: CERT-UA Advisory #6288271 — Ukrainian. No English-language coverage confirmed at time of publication.
Researcher Published PoC Exploits for Zero-Days in Microsoft Defender
Xakep reports that a researcher going by "RedSun" has published proof-of-concept exploits for previously undisclosed vulnerabilities in Microsoft Defender — the endpoint protection product shipped with every modern Windows install. The PoCs have not been picked up in English-language security press as of publication, and Microsoft has not yet issued an advisory. If these reproduce as described, it means the default security agent on roughly a billion Windows endpoints has working public exploit code circulating before Redmond has acknowledged the flaws. That's the textbook worst-case disclosure pattern. Watch MSRC for an emergency advisory in the next several days. Source: Xakep.ru — Russian. No English-language coverage confirmed at time of publication.
Fake Crypto Wallet Apps Found on China's App Store
● China
Xakep reports that apps masquerading as legitimate cryptocurrency wallets were discovered on Apple's Chinese App Store, harvesting seed phrases from users who thought they were using vetted software. The China App Store is operated under separate curation and review processes from Apple's global storefront, and this is not the first time that distinction has produced a meaningful security gap. For users: the App Store is not a uniform trust boundary, and "I downloaded it from Apple" means different things in different jurisdictions. Source: Xakep.ru — Russian. No English-language coverage confirmed at time of publication.
📅 What to Watch
- If Vercel expands its list of affected customers over the next two weeks, it means the OAuth scope abuse reached platform-wide secrets — not just individual employee accounts — and every PaaS vendor with similar integrations is now on the clock.
- If more vendors issue advisories specifically about OAuth tokens from third-party AI tools, it means the Context.ai pattern was a template, not an incident — and Google Workspace app review processes become the next audit target.
- If Operation PowerOFF produces follow-on indictments in the next six months, it means law enforcement has built a reusable customer-identification pipeline — and the "anonymous" layer of low-end cybercrime has structurally collapsed.
- If CISA adds more network management appliances (Cisco, Fortinet, Palo Alto) to KEV in close succession, it means attackers have broadly pivoted from endpoint to infrastructure — and EDR-centric security programs are measuring the wrong surface.
- If insurance carriers start carving out exclusions for unpatched web-facing software, it means Medusa-style sub-24-hour weaponization has made the patch gap uninsurable at commodity rates — and "we'll patch this weekend" becomes a liability your CFO hears about.
- If a NATO-aligned government formally attributes the Adobe Reader campaign, it means the five-month quiet window produced enough telemetry for confident attribution — and similar long-dwell PDF campaigns are probably running in other document formats right now.
The Closer
A Roblox auto-farm script cost Vercel its environment variables, a PDF written in Russian spent Christmas through April quietly measuring the curtains in European oil-and-gas networks, and 75,000 people who rented a DDoS service just got the digital equivalent of a "we know what you did last summer" card in the mail. Somewhere in all of this, a researcher asked Claude Opus to write him a Chrome exploit and expensed it as $2,283 in API credits — which may turn out to be the single most consequential line item on a corporate card this quarter.
Stay paranoid. Rotate your keys.
If you know someone who still clicks "Allow All" on OAuth prompts without reading them, forward this to them. Gently.