Executive Summary
The week of April 20, 2026 presents an elevated and unusually broad risk posture driven by converging nation-state activity, a catastrophic software supply chain attack, and multiple actively exploited vulnerabilities across widely deployed enterprise products. The SCC pipeline tracked 57 intelligence items this week, including 8 CISA KEV additions, 6 critical CVEs (CVSS 9.0+), and 14 active campaigns. The defining event of the week is the DPRK BlueNoroff cluster’s (STARDUST CHOLLIMA) confirmed compromise of the Axios npm package — a library with hundreds of millions of downloads — deploying cross-platform ZshBucket malware with forensic evasion capabilities against fintech and cryptocurrency organizations. This campaign, combined with the broader Axios/Trivy/LiteLLM supply chain cluster documented earlier in the reporting period, establishes software supply chain attacks as the dominant initial access vector this week. Iran-affiliated actors have resumed ICS/OT operations targeting Rockwell Automation FactoryTalk and Allen-Bradley PLCs in U.S. critical infrastructure following a 47-day connectivity blackout after Operation Epic Fury, representing an urgent threat to energy, utilities, and manufacturing sectors. Three Windows Defender privilege escalation zero-days (RedSun, UnDefend, BlueHammer) are under active exploitation, with two remaining unpatched. Apache ActiveMQ’s 13-year-old Jolokia attack surface is now under active exploitation. NIST NVD’s triage policy change has created a structural intelligence gap for non-KEV CVEs, requiring organizations to diversify enrichment sources immediately. CISA’s reduced operational capacity due to a government shutdown amplifies all threat vectors this week.
Critical Action Items
- Axios npm Package (DPRK ZshBucket Malware — SCC-CAM-2026-0188): Audit all package-lock.json, yarn.lock, and pnpm-lock.yaml files for Axios versions published around March 31, 2026. Isolate affected systems immediately. Rotate all credentials and tokens on compromised hosts. Reimage systems confirmed to have executed ZshBucket payloads. Refer to CrowdStrike advisory for confirmed IOC hashes and C2 domains. No KEV deadline; treat as active breach.
- Windows Defender LPE Zero-Days RedSun & UnDefend (CVE-2026-33825 / BlueHammer patched — SCC-CVE-2026-0047): Apply April 2026 Patch Tuesday update for CVE-2026-33825 immediately to all Windows 10, 11, and Server 2019+ systems. For RedSun and UnDefend (unpatched), enforce least-privilege, deploy WDAC/AppLocker, and remove local admin rights from standard users. Monitor for SYSTEM-level process anomalies. CISA KEV — no deadline published but active exploitation confirmed.
- Fortinet FortiClient EMS SQL Injection (CVE-2026-21643 — SCC-CVE-2026-0031): CISA KEV deadline April 16, 2026 (PASSED). Immediately restrict FortiClient EMS management interface to trusted IP ranges. Apply Fortinet PSIRT patch for CVE-2026-21643. Because the deadline has passed, confirm patch status and conduct a post-compromise review. Treat any unpatched instance as potentially compromised.
- Microsoft SharePoint Server Improper Input Validation (CVE-2026-32201 — SCC-CVE-2026-0041): CISA KEV deadline April 28, 2026. Apply April 2026 Patch Tuesday update. Restrict external access to SharePoint Server at the perimeter. Audit SharePoint logs for T1078 anomalies and unauthorized sharing permissions.
- Adobe Acrobat/Reader Prototype Pollution RCE (CVE-2026-34621 — SCC-CVE-2026-0033): CISA KEV deadline April 27, 2026. Apply Adobe Security Bulletin APSB26-43. Restrict PDF opening in Acrobat/Reader via Group Policy until patched. Enable Protected View mode as interim mitigation.
- MajorDoMo OS Command Injection & Code Injection (CVE-2026-27175 and CVE-2026-27174 — SCC-CVE-2026-0051, SCC-CVE-2026-0032): Both on CISA KEV. Immediately block access to /admin.php and all MajorDoMo admin endpoints at the network perimeter. Take internet-facing instances offline. Search web logs for exploitation attempts. Apply vendor patch when available.
- Apache ActiveMQ Jolokia RCE (CVE-2026-34197 cluster — SCC-CVE-2026-0046): Block external access to Jolokia endpoints (port 8161, /api/jolokia). Upgrade ActiveMQ Classic to 5.19.4 or 6.2.2. Rotate default credentials. Hunt for unexpected child processes from the broker JVM. Active exploitation confirmed at 91st EPSS percentile.
- Iran-Affiliated ICS/OT Targeting of Rockwell Automation PLCs (SCC-CAM-2026-0185 and SCC-CAM-2026-0172): Immediately audit and isolate internet-facing Rockwell Automation FactoryTalk and Allen-Bradley PLCs. Consult CISA Advisory AA26-097A. Rotate all PLC credentials. Verify OT network segmentation. Hunt for T1078, T1133, and T0855 indicators.
Key Security Stories
DPRK BlueNoroff Backdoors Axios npm Package, Deploys Cross-Platform ZshBucket Malware Against Fintech
CrowdStrike attributed a supply chain attack against the Axios npm HTTP library to STARDUST CHOLLIMA, the BlueNoroff cluster operating under North Korean state direction. The threat actor used stolen maintainer credentials to publish a trojanized version of Axios on approximately March 31, 2026, embedding the ZshBucket malware family into one of the most widely depended-upon packages in the Node.js ecosystem. ZshBucket executes cross-platform payloads — PowerShell on Windows, Python on Linux, AppleScript on macOS — using platform-native scripting interpreters to blend with legitimate execution environments. A companion component designated SILKBELL performs forensic evasion through self-cleanup, deleting artifacts correlated with npm postinstall lifecycle hooks, complicating retroactive investigation.
The campaign specifically targets fintech and cryptocurrency sector organizations where Node.js is common in backend infrastructure. Initial access via T1195.001 (Compromise Software Dependencies and Development Tools) and T1195.002 gives the actor reach into build pipelines, developer workstations, and CI/CD runners. Post-compromise behavior includes process injection (T1055), C2 over web protocols with JSON-formatted payloads (T1071.001), and exfiltration over C2 channel (T1041). Detection requires examining npm postinstall script behavior: Node.js spawning PowerShell, osascript, or Python processes is abnormal for a legitimate HTTP library. Confirm affected versions against CrowdStrike and Snyk advisories before remediating.
Organizations should audit all environments for Axios versions from the March 31 window, rotate all credentials accessible to affected Node.js processes, and reimage confirmed compromised systems rather than attempting in-place cleanup given SILKBELL’s evasion capability. This campaign is the highest-priority item in this week’s briefing.
Affected: Axios npm package (trojanized versions, March 31, 2026); Node.js ecosystem; Linux, macOS, Windows
Status: Active exploitation confirmed
Sources: CrowdStrike — https://www.crowdstrike.com/en-us/blog/stardust-chollima-likely-compromises-axios-npm-package/; Snyk — https://snyk.io/blog/axios-npm-package-compromised-supply-chain-attack-delivers-cross-platform/
Iran-Affiliated Actors Resume ICS/OT Targeting After Operation Epic Fury — Rockwell Automation PLCs and Palo Alto Products in Scope
Following a 47-day communications blackout after Operation Epic Fury, Iran-affiliated threat actors have resumed active targeting of industrial control systems, with confirmed focus on Rockwell Automation FactoryTalk, Allen-Bradley PLCs, Unitronics PLCs, and Palo Alto Networks security infrastructure including Cortex XDR, XSIAM, Xpanse, and Next-Generation Firewalls. This resumption represents a deliberate pivot toward OT destructive capability, with mapped ATT&CK for ICS techniques including T0816 (Device Restart/Shutdown), T0843 (Program Download), T0855 (Unauthorized Command Message), and T0831 (Manipulation of Control). CISA Advisory AA26-097A provides the primary source for IOCs and mitigation guidance.
The attack surface spans energy, utilities, food processing, and financial services sectors. Initial access vectors include spearphishing (T1566.002), exploitation of internet-accessible devices (T0883), and abuse of valid accounts via external remote services (T1133). Defense impairment (T1562) against Palo Alto Cortex and NGFW products indicates deliberate effort to reduce detection capability before OT-stage operations. Censys research cited in related reporting indicates approximately 4,000 U.S.-exposed industrial devices in scope.
Immediate actions: audit and isolate internet-facing Rockwell Automation devices, verify OT/IT network segmentation, rotate PLC credentials, and review CISA AA26-097A for specific IOCs. Organizations should consult Rockwell Automation’s trust center at https://www.rockwellautomation.com/en-us/trust-center/security-advisories.html for applicable firmware advisories. Human validation of this URL is recommended before use.
Affected: Rockwell Automation FactoryTalk, Allen-Bradley PLCs, Unitronics PLCs, Palo Alto Networks Cortex XDR/XSIAM/Xpanse/NGFW
Status: Active campaign
Source: CISA Advisory AA26-097A — https://www.cisa.gov/news-events/cybersecurity-advisories/aa26-097a
Three Windows Defender LPE Zero-Days Under Active Exploitation — Two Remain Unpatched
Three local privilege escalation vulnerabilities in Microsoft Windows Defender have been identified in active exploitation this week. CVE-2026-33825 (BlueHammer) was patched in the April 2026 Patch Tuesday release and carries CVSS 9.5 with CISA KEV designation. Two additional vulnerabilities designated RedSun and UnDefend have not received vendor patches as of this reporting period. Private intelligence from Huntress has identified IOCs associated with an April 10 intrusion via a compromised VPN account. UnDefend specifically targets Defender’s update mechanism, preventing signature updates (T1562.001), while RedSun exploits a local privilege escalation path consistent with symlink/junction abuse (CWE-59, CWE-269).
The attack chain maps to T1068 (Exploitation for Privilege Escalation), T1562.001 (Disable or Modify Tools), T1543 (Create or Modify System Process), and T1078 (Valid Accounts). The initial confirmed intrusion vector was a compromised VPN account, underscoring the importance of phishing-resistant MFA on remote access infrastructure. Detection requires behavioral monitoring: look for SYSTEM-level process spawns from non-SYSTEM parent processes, taskhostw.exe behavioral anomalies, and Defender signature update failures outside maintenance windows.
For BlueHammer: apply the April 2026 cumulative update immediately. For RedSun and UnDefend: no patch exists. Compensating controls include enforcing least-privilege, deploying WDAC or AppLocker to restrict binary execution in writable directories, removing local admin rights from standard user accounts, and ensuring MFA is enforced on all VPN entry points. Monitor the Microsoft Security Response Center for patch releases for the two unpatched CVEs.
Affected: Windows 10, Windows 11, Windows Server 2019 and later, Microsoft Defender
Status: Active exploitation confirmed; CVE-2026-33825 patched; RedSun and UnDefend unpatched
Source: Microsoft MSRC — https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825
Broad Software Supply Chain Compromise Week: Axios, Trivy, LiteLLM, Checkmarx, and OpenAI Certificate Revocation Deadline May 8
Beyond the DPRK Axios campaign, a separate but overlapping supply chain compromise cluster (SCC-CAM-2026-0170) documented earlier this period encompasses Aqua Security’s Trivy vulnerability scanner (CVE-2026-33634, CVSS 9.5, EPSS 95th percentile), LiteLLM and Telnyx Python SDKs on PyPI, Checkmarx GitHub Actions workflows, and OpenAI’s macOS applications including ChatGPT Desktop, Codex, Codex CLI, and Atlas. Hundreds of thousands of secrets are reported exposed. OpenAI has issued a hard deadline of May 8, 2026 for certificate revocation; all affected macOS app installations must be updated to re-signed releases before that date or will cease functioning.
The Trivy compromise is particularly significant because security scanning infrastructure is frequently excluded from standard monitoring coverage. Organizations that relied on Trivy for container and vulnerability scanning during the compromise window may have received false assurance while the scanner itself exfiltrated credentials and environment data. The Aqua Security advisory GHSA-69fq-xp46-6x23 is the authoritative IOC source for the Trivy compromise.
The combined scope of this week’s supply chain activity — npm, PyPI, GitHub Actions, container scanning, and AI desktop applications — represents the broadest simultaneous supply chain attack surface observed in a single reporting period. Organizations must audit their SBOM and dependency manifests across all package ecosystems, rotate credentials accessible to any affected tooling, and verify CI/CD pipeline artifact integrity.
Affected: Axios npm, Trivy (Aqua Security), LiteLLM, Telnyx Python SDK, Checkmarx GitHub Actions, OpenAI ChatGPT Desktop/Codex/Atlas (macOS)
Status: Active; OpenAI certificate deadline May 8, 2026
Sources: Aqua Security GHSA-69fq-xp46-6x23 — https://github.com/aquasecurity/trivy/security/advisories/GHSA-69fq-xp46-6x23; NVD CVE-2026-33634 — https://nvd.nist.gov/vuln/detail/CVE-2026-33634
Dependabot and Renovate Automation Tools Abused as Malware Delivery Vectors in CI/CD Pipelines
A newly documented attack pattern exploits the automatic merge behavior of GitHub Dependabot and Mend Renovate dependency update bots to deliver malicious packages into production pipelines. Threat actors publish typosquatted or malicious packages and time their publication to coincide with bot-generated update proposals. When auto-merge is enabled without human review requirements, the malicious package enters the build pipeline within minutes of the bot’s proposal. This technique abuses T1195.001 (Compromise Software Dependencies and Development Tools) and T1072 (Software Deployment Tools), creating persistence (T1554) in build artifacts without any direct actor interaction with the target environment.
The attack is difficult to detect because the bot’s activity appears legitimate in audit logs. Detection requires cross-referencing bot-proposed packages against OSV.dev and npm advisory databases and flagging packages published within 7 days of the bot’s proposal — a high-confidence typosquatting indicator. Organizations should immediately disable auto-merge on all Dependabot and Renovate pull requests, enforce CODEOWNERS rules requiring human approval, and implement minimum-age policies (7 days) for new dependency versions.
Affected: GitHub Dependabot, Mend Renovate, all CI/CD workflows using automated dependency management
Status: Active campaign; no specific IOC hashes confirmed
Reference: OSV.dev — https://osv.dev
protobuf.js Critical RCE (GHSA-xq3m-2v4x-88gg) — Public PoC Available, Affects Node.js Ecosystem
A critical remote code execution vulnerability (CVSS 9.5) in protobufjs (protobuf.js) versions 8.0.0 and below, and the 7.x branch below 7.5.4, stems from an unsafe Function() constructor pattern used during schema loading. A public proof-of-concept is available, significantly accelerating exploitation timelines. The vulnerability maps to T1190 (Exploit Public-Facing Application), T1059.007 (JavaScript), and T1210 (Exploitation of Remote Services). Any service that accepts untrusted protobuf schema input is directly exploitable.
Organizations should run npm audit targeting GHSA-xq3m-2v4x-88gg across all Node.js repositories and deployed artifacts. Upgrade protobufjs to 7.5.4 on all 7.x deployments. For services on the 8.x branch, monitor the advisory for patch availability and implement compensating controls — restrict schema ingestion from untrusted sources at the API gateway layer until patching is confirmed. This vulnerability arrived in the same week as the DPRK Axios compromise, creating a compounding risk for Node.js environments that must be triaged independently.
Affected: protobufjs versions 8.0.0 and below; 7.x below 7.5.4; Node.js/npm ecosystem
Status: Public PoC available; no confirmed active exploitation yet
Reference: GHSA-xq3m-2v4x-88gg (OSV)
ZionSiphon ICS Malware Targets Israeli Water Infrastructure — Sabotage Capability Confirmed, Currently Non-Functional
Darktrace published analysis of ZionSiphon, a purpose-built ICS malware targeting Israeli water treatment and desalination infrastructure. The malware communicates via Modbus, DNP3, and S7comm protocols and includes capability for parameter manipulation (T0836), denial of control (T0813), and spoofing of reporting messages (T0856) that could affect chemical dosing and hydraulic pressure setpoints. Critically, a logic flaw currently renders the sabotage capability non-functional — however, Darktrace explicitly assessed that fixing this flaw requires minimal effort, making remediation timelines urgent rather than deferred.
The malware spreads via removable media (T1091) and achieves persistence through shortcut modification (T1547.009). Detection requires monitoring OT network traffic for unsolicited Modbus write commands (function codes 6 and 16) to flow control or chemical dosing registers outside authorized change windows. Darktrace’s published analysis includes YARA rules and IOCs. While primary targeting is Israeli infrastructure, the malware’s modular design and protocol coverage make it a template concern for any organization operating water-sector OT with Modbus, DNP3, or S7comm exposure.
Affected: Water treatment and desalination OT/ICS systems; Modbus, DNP3, S7comm protocol environments
Status: Malware confirmed; sabotage module currently non-functional but easily repaired
Source: Darktrace — https://www.darktrace.com/blog/inside-zionsiphon-darktraces-analysis-of-ot-malware-targeting-israeli-water-systems
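The Modbus detection guidance above (unsolicited function code 6 and 16 writes to dosing or pressure registers outside an authorized change window) can be implemented directly against the wire format. The following Python is an added example, not Darktrace code and not the YARA rules or IOCs from its analysis: it parses Modbus/TCP frames (7-byte MBAP header plus PDU), extracts the register/value pairs from write requests, and raises a T0836 alert when a protected register is written outside the window. The protected register map, the 02:00–04:00 UTC change window and the captured traffic are all constructed placeholders.

```python
"""Flag Modbus/TCP register writes to protected OT setpoints outside a change window.

Added example, not Darktrace code or its published YARA/IOC content. Frames are
parsed from the wire format (7-byte MBAP header + PDU); the protected register
map, the change window and the captured traffic are constructed placeholders.
"""
import struct
from datetime import datetime, time, timezone

WRITE_SINGLE_REGISTER = 6      # function code 06
WRITE_MULTIPLE_REGISTERS = 16  # function code 16 (0x10)

# Holding-register offsets (PDU addressing) that control dosing/pressure; constructed.
PROTECTED_REGISTERS = {
    0x0010: "chlorine dosing setpoint (placeholder)",
    0x0011: "hydraulic pressure setpoint (placeholder)",
}
# Authorised daily change window, UTC (an assumption for the example).
WINDOW_START, WINDOW_END = time(2, 0), time(4, 0)


def parse_frame(frame):
    """Return (unit_id, function_code, [(register, value), ...]).
    Only write requests yield register/value pairs; reads return an empty list."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header + function code")
    _tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError("protocol id %d is not Modbus" % proto)
    if length != len(frame) - 6:
        raise ValueError("MBAP length field does not match frame size")
    fc, pdu = frame[7], frame[8:]
    if fc == WRITE_SINGLE_REGISTER:
        if len(pdu) < 4:
            raise ValueError("truncated write-single request")
        addr, value = struct.unpack(">HH", pdu[:4])
        return unit, fc, [(addr, value)]
    if fc == WRITE_MULTIPLE_REGISTERS:
        if len(pdu) < 5:
            raise ValueError("truncated write-multiple request")
        start, qty, byte_count = struct.unpack(">HHB", pdu[:5])
        if byte_count != 2 * qty or len(pdu) < 5 + byte_count:
            raise ValueError("write-multiple byte count inconsistent with quantity")
        values = struct.unpack(">%dH" % qty, pdu[5:5 + byte_count])
        return unit, fc, [(start + i, v) for i, v in enumerate(values)]
    return unit, fc, []


def in_change_window(ts):
    return WINDOW_START <= ts.time() < WINDOW_END


def inspect(ts, src_ip, frame):
    """Alert on each protected register written outside the change window (T0836)."""
    unit, fc, writes = parse_frame(frame)
    return [
        {"time": ts.isoformat(), "src": src_ip, "unit": unit, "fc": fc,
         "register": addr, "value": value, "asset": PROTECTED_REGISTERS[addr],
         "technique": "T0836"}
        for addr, value in writes
        if addr in PROTECTED_REGISTERS and not in_change_window(ts)
    ]


def scan(traffic):
    return [alert for ts, src, frame in traffic for alert in inspect(ts, src, frame)]


# Frame builders, used only to construct the sample capture below.
def _mbap(tid, unit, pdu):
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


def build_write_single(tid, unit, addr, value):
    return _mbap(tid, unit, struct.pack(">BHH", WRITE_SINGLE_REGISTER, addr, value))


def build_write_multiple(tid, unit, start, values):
    pdu = struct.pack(">BHHB", WRITE_MULTIPLE_REGISTERS, start, len(values), 2 * len(values))
    return _mbap(tid, unit, pdu + struct.pack(">%dH" % len(values), *values))


def build_read_holding(tid, unit, start, qty):
    return _mbap(tid, unit, struct.pack(">BHH", 3, start, qty))


UTC = timezone.utc
SAMPLE_TRAFFIC = [  # constructed capture: (timestamp, source IP, raw frame)
    (datetime(2026, 4, 21, 3, 15, tzinfo=UTC), "10.20.0.5", build_write_single(1, 1, 0x0010, 350)),
    (datetime(2026, 4, 21, 14, 2, tzinfo=UTC), "10.20.0.99", build_write_multiple(2, 1, 0x0010, [900, 1200])),
    (datetime(2026, 4, 21, 14, 3, tzinfo=UTC), "10.20.0.5", build_read_holding(3, 1, 0x0010, 2)),
    (datetime(2026, 4, 21, 14, 4, tzinfo=UTC), "10.20.0.5", build_write_single(4, 1, 0x0100, 1)),
]
```

Only the 14:02 write-multiple from 10.20.0.99 produces alerts (one per protected register it touches); the in-window write, the read request and the write to an unprotected register are ignored. Length and byte-count checks reject malformed frames rather than mis-parsing them, which matters because a detector that silently skips odd frames gives the same false assurance the page warns about.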
AgingFly Malware Compiles Payloads at Runtime — Nation-State Campaign Targeting Ukrainian Critical Infrastructure
CERT-UA attributed the AgingFly campaign to UAC-0247, targeting Ukrainian government, healthcare, and defense-affiliated sectors. AgingFly’s defining technical characteristic is runtime code compilation: it invokes the .NET compiler (csc.exe, vbc.exe, or MSBuild.exe) from unexpected parent processes to generate payloads on target systems, bypassing static signature-based detection. This maps to T1620 (Reflective Code Loading) and T1027.010 (Command Obfuscation), and represents a deliberate detection engineering challenge.
The campaign exfiltrates credentials from Chromium-based browsers and WhatsApp for Windows (T1555.003, T1539), maintains persistence via registry run keys (T1547.001), and communicates over obfuscated web protocols (T1071.001, T1572). Detection requires behavioral monitoring: csc.exe or MSBuild.exe spawned by non-development parent processes is a high-fidelity indicator. IOCs from CERT-UA should be validated before production deployment, as secondary source reporting for this campaign requires direct advisory confirmation.
Affected: Windows broadly; Chromium-based browsers; WhatsApp for Windows
Status: Active nation-state campaign
Source: CERT-UA (primary advisory — retrieve directly from CERT-UA official channels)
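The three behavioural indicators in this briefing are all process-ancestry checks: node spawning PowerShell, osascript or Python (the Axios/ZshBucket story), a SYSTEM-level child created by a non-SYSTEM parent (the Windows Defender LPE story), and csc.exe, vbc.exe or MSBuild.exe launched by a non-development parent (AgingFly). The Python below is an added example, not detection content from CrowdStrike, Huntress, Microsoft or CERT-UA, that encodes all three as rules over process-creation records. It assumes Sysmon Event ID 1 field names (Image, ParentImage, User, ParentUser); the records, usernames and the list of "expected" compiler parents are constructed.

```python
"""Process-ancestry detections for the three behavioural indicators in this briefing.

Added example; not CrowdStrike, Huntress, Microsoft or CERT-UA detection content.
Records are constructed and use Sysmon Event ID 1 field names (Image,
ParentImage, User, ParentUser) as an assumption about the log source.
"""

SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "osascript"}  # python* handled below
NODE_IMAGES = {"node", "node.exe"}
DOTNET_COMPILERS = {"csc.exe", "vbc.exe", "msbuild.exe"}
# Parents from which .NET compilation is expected; this allowlist is an assumption.
DEV_PARENTS = {"devenv.exe", "msbuild.exe", "dotnet.exe", "vbcscompiler.exe"}
SYSTEM_ACCOUNT = "nt authority\\system"


def basename(path):
    """Lower-case final path component, tolerant of both separators."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def is_script_host(image):
    return image in SCRIPT_HOSTS or image.startswith("python")


def detect(event):
    """Return (rule, technique) pairs that fire for one process-creation event."""
    child = basename(event["Image"])
    parent = basename(event["ParentImage"])
    alerts = []
    # Axios/ZshBucket: an HTTP library's postinstall has no reason to launch a script host
    if parent in NODE_IMAGES and is_script_host(child):
        alerts.append(("node_spawns_script_host", "T1195.001"))
    # AgingFly: compiler invoked by something other than a build tool
    if child in DOTNET_COMPILERS and parent not in DEV_PARENTS:
        alerts.append(("runtime_dotnet_compile", "T1620"))
    # Defender LPE chain: SYSTEM child created directly by a non-SYSTEM parent
    user = event.get("User", "").lower()
    parent_user = event.get("ParentUser", "").lower()   # empty on older Sysmon: rule stays quiet
    if user == SYSTEM_ACCOUNT and parent_user and parent_user != SYSTEM_ACCOUNT:
        alerts.append(("system_child_of_user_parent", "T1068"))
    return alerts


def scan(events):
    """Flatten detections over a batch: (event index, rule, technique)."""
    return [(i, rule, tech) for i, ev in enumerate(events) for rule, tech in detect(ev)]


# Constructed events; hosts and usernames are placeholders.
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ParentImage": r"C:\Program Files\nodejs\node.exe",
     "User": r"CORP\dev1", "ParentUser": r"CORP\dev1"},                 # 0: postinstall script host
    {"Image": "/usr/bin/python3", "ParentImage": "/usr/local/bin/node",
     "User": "ci-runner", "ParentUser": "ci-runner"},                    # 1: same pattern on Linux
    {"Image": r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "User": r"CORP\user7", "ParentUser": r"CORP\user7"},                # 2: runtime compile
    {"Image": r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe",
     "ParentImage": r"C:\Program Files\Microsoft Visual Studio\devenv.exe",
     "User": r"CORP\dev1", "ParentUser": r"CORP\dev1"},                 # 3: legitimate build
    {"Image": r"C:\Windows\System32\taskhostw.exe",
     "ParentImage": r"C:\Windows\System32\svchost.exe",
     "User": "NT AUTHORITY\\SYSTEM", "ParentUser": "NT AUTHORITY\\SYSTEM"},  # 4: normal
    {"Image": r"C:\Windows\System32\cmd.exe", "ParentImage": r"C:\Users\user7\tool.exe",
     "User": "NT AUTHORITY\\SYSTEM", "ParentUser": r"CORP\user7"},       # 5: privilege jump
]
```

Events 0, 1, 2 and 5 fire; the Visual Studio build (3) and the service-hosted taskhostw.exe (4) do not. The SYSTEM-parent rule deliberately stays silent when ParentUser is absent, so it degrades to "no alert" rather than "false alert" on log sources that do not carry the parent's account.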
CISA Operational Capacity Degraded by Government Shutdown — Sector ISACs Must Fill Gap
CISA has publicly warned of “detrimental capacity impacts” during the current government shutdown period, reducing real-time advisory throughput, stakeholder outreach, and CIRCIA incident reporting capacity. This degradation occurs during a week of historically elevated threat activity including active nation-state ICS/OT campaigns, multiple KEV-listed vulnerabilities, and a major supply chain event. Federal agencies face direct compliance risk; commercial organizations face indirect risk from reduced advisory velocity.
Security teams should activate backup threat intelligence sources: sector ISACs (E-ISAC, WaterISAC, FS-ISAC), NCSC-UK, ACSC (Australia), and commercial TI providers. Review IR playbooks for CISA-dependent steps and document interim escalation paths. Elevate monitoring posture for TTPs historically associated with nation-state targeting of ICS/OT. Document the capability gap in your risk register for post-shutdown review and third-party intelligence sourcing improvement.
Source: CISA — https://www.cisa.gov
NIST NVD Triage Policy Change Creates Structural Vulnerability Intelligence Gap
NIST implemented a triage policy change effective approximately April 15, 2026, limiting full enrichment (CVSS, CWE, CPE) to CVEs meeting KEV criteria or other priority thresholds. CVEs returning “Not Scheduled” status will no longer receive CVSS base scores, CWE tags, or CPE strings under the new policy. This directly impacts any vulnerability management pipeline that relies on NVD as its primary enrichment source, including scanners, SIEM enrichment jobs, SOAR playbooks, and risk scoring models that auto-assign severity bands from CVSS data.
Organizations must audit their vulnerability management pipelines to identify NVD-dependent components, then integrate at least one alternative enrichment source: OSV.dev for open-source ecosystem coverage, vendor-direct OVAL feeds, or commercial TI platforms with independent scoring. Configure pipeline fallback logic for null NVD fields. This is a structural control gap that compounds the risk presented by this week’s CVE volume — multiple items in this briefing may receive delayed or absent enrichment under the new policy.
Source: NIST NVD — https://nvd.nist.gov
Frontier AI Crosses Vulnerability Threshold — Anthropic Claude Mythos and Project Glasswing Signal Compressed Exploitation Timelines
Anthropic’s Claude Mythos preview, in partnership with CrowdStrike under Project Glasswing, has reportedly demonstrated the ability to discover novel zero-day vulnerabilities in major operating systems and browsers at a scale and speed that compresses traditional remediation timelines. Anthropic attributed AI-assisted vulnerability discovery capabilities to state-sponsored actors including China, Iran, North Korea, and Russia, framing this as a capability-threshold event for the enterprise security industry. The core risk is not a single CVE but a structural change in the adversary resource requirement for novel exploit development.
This story is an informational priority item (SCC priority score 0.861) requiring strategic planning response rather than immediate technical remediation. Security teams should update threat models to elevate probability weighting for novel exploits, assess EDR and patch management coverage across all major OS and browser versions, and review patch SLA targets that may no longer be defensible under compressed exploitation timelines. Monitor Anthropic’s Project Glasswing announcements and CISA advisories for confirmed zero-day disclosures linked to AI-assisted discovery.
Source: Anthropic Project Glasswing — anthropic.com/glasswing (URL not actively verified; human validation recommended); CrowdStrike blog — crowdstrike.com
CISA KEV & Critical CVE Table
| CVE | Product | CVSS | EPSS %ile | Status | KEV Deadline | Description |
|---|---|---|---|---|---|---|
| CVE-2026-27175 | MajorDoMo (Major Domestic Module) | 9.8 | 96.2% | KEV — Active Exploitation | Not published | OS Command Injection via rc/index.php and cycle_execs.php; unauthenticated RCE |
| CVE-2026-27174 | MajorDoMo (Major Domestic Module) | 9.8 | 97.9% | KEV — Active Exploitation | Not published | Code Injection via PHP console ajax handler; unauthenticated RCE via /admin.php |
| CVE-2026-33825 | Microsoft Windows / Defender (BlueHammer) | 9.5 | 12.2% | KEV — Active Exploitation; Patched April 2026 | Not published | Windows Defender LPE zero-day; part of three-CVE cluster with unpatched RedSun and UnDefend |
| CVE-2026-32201 | Microsoft SharePoint Server | 7.5 | 0.0% | KEV | April 28, 2026 | Improper Input Validation; authenticated exploitation path; access to document stores |
| CVE-2026-34621 | Adobe Acrobat and Reader | 8.8 | 11.4% | KEV — Active Exploitation | April 27, 2026 | Prototype Pollution enabling arbitrary code execution via malicious PDF |
| CVE-2026-21643 | Fortinet FortiClient EMS | 9.8 | 94.3% | KEV — Deadline Passed | April 16, 2026 (PASSED) | Critical SQL Injection; unauthenticated exploitation; confirmed affected version 7.4.4 |
| CVE-2026-33032 | Nginx UI (nginx_ui ≤ 2.3.5) | 9.8 | 18.9% | KEV — Active Exploitation | Not published | Missing authentication on MCP endpoint enables complete Nginx service takeover |
| CVE-2026-33634 | Aqua Security Trivy / Axios/LiteLLM supply chain cluster | 9.5 | 95.7% | Active Exploitation | N/A | Supply chain compromise enabling credential exfiltration across multiple ecosystems |
| GHSA-xq3m-2v4x-88gg | protobufjs (protobuf.js) ≤ 8.0.0 / < 7.5.4 | 9.5 | N/A (new) | Public PoC Available | N/A | Unsafe Function() constructor in schema loading enables RCE from untrusted input |
| CVE-2026-34197 (cluster) | Apache ActiveMQ Classic (< 5.19.4, < 6.2.2) | 9.5 | 90.9% | Active Exploitation | N/A | Jolokia HTTP API RCE chain; 13-year attack surface; chained with CVE-2024-32114 and CVE-2023-46604 |
| CVE-2026-20184 / CVE-2026-20147 / CVE-2026-20180 / CVE-2026-20186 | Cisco Webex SSO / Cisco ISE | 9.5 | 15.7% | Patched — Customer Action Required for Webex SSO cert | N/A | SAML certificate validation flaw enables impersonation; ISE CVEs include OS command injection |
| CVE-2026-30623 | Anthropic Model Context Protocol (MCP) | 9.0 | N/A | Patch status — verify at vendor | N/A | Architectural vulnerability in MCP enabling tool invocation abuse; 150M+ ecosystem downloads |
| CVE-2026-40175 | axios (npm) — SSRF/Header Injection | 9.1 | 47.0% | Not KEV; active research | N/A | Header injection chain enables unrestricted cloud metadata exfiltration via SSRF to 169.254.169.254 |
| CVE-2025-60710 | Windows 11, Windows Server 2025 (Task Host LPE) | 7.5 | 95.2% | Active Exploitation — 5 months post-patch | N/A | Windows Task Host privilege escalation; patch available November 2025; now confirmed exploited |
| CVE-2026-5194 | wolfSSL < 5.9.1 | 9.5 | 10.4% | Patched April 8, 2026 | N/A | Cryptographic bypass enabling certificate forgery; affects ~5 billion embedded/IoT devices |
| CVE-2026-39987 | Marimo Python Notebook | 9.8 | 85.9% | Exploited within 10 hours of disclosure | N/A | Unauthenticated RCE in Marimo notebook server; CWE-306, CWE-94 |
| CVE-2026-3605 | HashiCorp Vault / Vault Enterprise | 8.1 | 1.7% | Patched — 2.0.0, 1.21.5, 1.20.10, 1.19.16 | N/A | KVv2 glob policy privilege escalation enabling unauthorized secret deletion |
| CVE-2026-4525 | HashiCorp Vault / Vault Enterprise | 7.5 | 2.9% | Patched — 2.0.0, 1.21.5, 1.20.10, 1.19.16 | N/A | Authorization header pass-through to plugin backends enables token capture |
| CVE-2026-20929 | Microsoft Windows Kerberos / AD CS | 7.5 | 13.5% | Patched — January 2026 Patch Tuesday | N/A | Kerberos relay via DNS CNAME bypasses NTLM mitigations; enables certificate-based persistence |
Supply Chain & Developer Tool Threats
Axios npm Package — DPRK STARDUST CHOLLIMA (Highest Severity This Week)
The Axios npm compromise is the most operationally significant supply chain event this week. Stolen maintainer credentials were used to publish a trojanized version on approximately March 31, 2026. The payload (ZshBucket) deploys cross-platform malware and uses SILKBELL for forensic cleanup. Any organization whose Node.js build pipeline or production environment installed Axios during the March 31 window is at risk. Audit package-lock.json and yarn.lock files immediately. Consult CrowdStrike and Snyk advisories for exact trojanized version strings before determining exposure scope.
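The lockfile audit called for above (and in the action item at the top of this briefing, which also names pnpm-lock.yaml) has to find every pinned axios copy, including nested ones vendored under another package, and compare each against the registry publish date. The Python below is an added example, not code from CrowdStrike, Snyk or the Axios project: it parses package-lock.json (lockfileVersion 1 to 3), yarn.lock (v1 and berry) and pnpm-lock.yaml text, and flags versions published inside a suspect window. The `REGISTRY_TIME` map, the window bounds and the sample lockfiles are constructed placeholders, because this page does not list the trojanized version strings; in practice populate the map from `npm view axios time --json` and take confirmed versions from the CrowdStrike and Snyk advisories.

```python
"""Audit npm lockfiles for axios versions published inside a suspect window.

Added example, not code from CrowdStrike, Snyk or the Axios project. The
REGISTRY_TIME map, window bounds and sample lockfiles are constructed.
"""
import json
import re
from datetime import datetime, timezone

# Constructed stand-in for the npm registry `time` map (version -> publish time).
REGISTRY_TIME = {
    "1.7.9": "2024-12-04T10:00:00.000Z",
    "1.8.2": "2026-03-31T02:14:00.000Z",  # placeholder version inside the window
    "1.8.3": "2026-04-09T15:00:00.000Z",
}
# Suspect publish window around March 31, 2026; the exact bounds are an assumption.
WINDOW_START = datetime(2026, 3, 30, tzinfo=timezone.utc)
WINDOW_END = datetime(2026, 4, 2, tzinfo=timezone.utc)


def axios_versions_package_lock(text):
    """Collect every axios version pinned anywhere in the lockfile tree."""
    data = json.loads(text)
    found = set()
    # lockfileVersion 2/3: flat "packages" map keyed by install path (nested copies too)
    for path, meta in data.get("packages", {}).items():
        if (path == "node_modules/axios" or path.endswith("/node_modules/axios")) and meta.get("version"):
            found.add(meta["version"])

    # lockfileVersion 1/2: nested "dependencies" tree
    def walk(deps):
        for name, meta in deps.items():
            if name == "axios" and meta.get("version"):
                found.add(meta["version"])
            walk(meta.get("dependencies", {}))

    walk(data.get("dependencies", {}))
    return found


def axios_versions_yarn_lock(text):
    """Entries start at column 0 (e.g. `axios@^1.7.0, "axios@npm:^1.6.0":`);
    the indented `version` line that follows carries the resolved version."""
    found, in_axios = set(), False
    for line in text.splitlines():
        if line and not line[0].isspace():
            keys = [k.strip().strip('"') for k in line.rstrip(":").split(",")]
            in_axios = any(k.startswith("axios@") for k in keys)
        elif in_axios:
            m = re.match(r'\s+version:?\s+"?([^"\s]+)"?', line)
            if m:
                found.add(m.group(1))
    return found


# pnpm package keys look like `/axios@1.8.2:`, `axios@1.8.2:` or `/axios/1.8.2:`
PNPM_KEY = re.compile(r"""^\s+['"]?/?axios[@/](\d[^:('"\s]*)""")


def axios_versions_pnpm_lock(text):
    return {m.group(1) for m in map(PNPM_KEY.match, text.splitlines()) if m}


def published_in_window(version, registry_time=REGISTRY_TIME):
    """True/False for known versions; None when the registry map lacks the version."""
    ts = registry_time.get(version)
    if ts is None:
        return None
    published = datetime.fromisoformat(ts.replace("Z", "+00:00"))
    return WINDOW_START <= published <= WINDOW_END


PARSERS = {
    "package-lock.json": axios_versions_package_lock,
    "yarn.lock": axios_versions_yarn_lock,
    "pnpm-lock.yaml": axios_versions_pnpm_lock,
}


def audit(lockfiles):
    """lockfiles: {path: contents}. Returns (path, version, verdict) triples.
    UNKNOWN versions need manual review; they are not treated as clean."""
    findings = []
    for path, text in lockfiles.items():
        parser = PARSERS[path.rsplit("/", 1)[-1]]
        for version in sorted(parser(text)):
            hit = published_in_window(version)
            verdict = "SUSPECT" if hit else ("UNKNOWN" if hit is None else "ok")
            findings.append((path, version, verdict))
    return findings


# Constructed sample lockfiles; one nested axios copy hides inside a vendored SDK.
SAMPLE_PACKAGE_LOCK = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "": {"dependencies": {"axios": "^1.7.0"}},
        "node_modules/axios": {"version": "1.7.9"},
        "node_modules/some-sdk/node_modules/axios": {"version": "1.8.2"},
    },
})
SAMPLE_YARN_LOCK = (
    'axios@^1.6.0, axios@^1.7.0:\n  version "1.8.2"\n'
    '  resolved "https://registry.npmjs.org/axios/-/axios-1.8.2.tgz"\n'
)
SAMPLE_PNPM_LOCK = "packages:\n\n  axios@1.8.3:\n    resolution: {integrity: sha512-placeholder}\n"
```

Run `audit(...)` over every lockfile in the estate; the nested `some-sdk/node_modules/axios` copy in the sample is exactly the kind of pin a top-level `npm ls axios` glance misses, and any version the registry map does not know comes back UNKNOWN so it is investigated rather than ignored.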
Aqua Security Trivy — Supply Chain Compromise (CVE-2026-33634)
Trivy, the widely deployed open-source container and vulnerability scanner, was compromised in the same supply chain cluster. Because Trivy is used in CI/CD pipelines specifically for security scanning, its compromise creates a double risk: credential exfiltration during scanning operations, and potential false assurance that scans performed during the compromise window were valid. Organizations using Trivy should verify artifact integrity using Aqua Security’s GHSA-69fq-xp46-6x23 advisory, rebuild scan infrastructure from clean images, and re-run baseline scans against a verified clean version.
Dependabot and Renovate Abuse as Malware Delivery Vectors
Threat actors are publishing typosquatted packages timed to coincide with Dependabot and Renovate bot-generated update proposals, exploiting auto-merge configurations. This attack requires no direct credential compromise — it exploits trust automation. Immediate action: disable auto-merge on all Dependabot and Renovate pull requests, add human approval requirements, and implement 7-day minimum age policies for new dependency versions. Query GitHub Audit Log API filtering on actor:dependabot[bot] for merged PRs without human approval in the past 30 days.
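The two controls above, and in the Dependabot/Renovate story earlier in this briefing (a 7-day minimum-age policy for proposed versions, and a review of bot-authored pull requests merged without human approval), can be checked from data a CI system already has. The Python below is an added example, not GitHub or Mend Renovate code: it parses Dependabot- and Renovate-style PR titles, gates the proposed version on its age at proposal time, and lists bot PRs merged in the last 30 days with no human APPROVED review. The PR records are constructed but use GitHub pull-request and review field names (`user.login`, `created_at`, `merged_at`, review `state`); this substitutes for the audit-log query on actor:dependabot[bot] the text suggests. The registry publish times stand in for `npm view <pkg> time --json`.

```python
"""Seven-day dependency-age gate plus an audit of bot PRs merged without human review.

Added example, not GitHub or Mend Renovate code. PR records are constructed
and follow GitHub pull-request (`user.login`, `created_at`, `merged_at`) and
review (`state`, `user.login`) field names; registry publish times are a
constructed stand-in for `npm view <pkg> time --json`.
"""
import re
from datetime import datetime, timedelta, timezone

MIN_AGE = timedelta(days=7)
BOT_ACTORS = {"dependabot[bot]", "renovate[bot]"}
TITLE_PATTERNS = [
    re.compile(r"[Bb]ump (?P<pkg>\S+) from \S+ to (?P<ver>\S+)"),        # Dependabot titles
    re.compile(r"[Uu]pdate dependency (?P<pkg>\S+) to v?(?P<ver>\S+)"),  # Renovate titles
]


def parse_ts(s):
    return datetime.fromisoformat(s.replace("Z", "+00:00"))


def parse_title(title):
    """Extract (package, proposed version) from a bot PR title; None if unrecognised."""
    for pattern in TITLE_PATTERNS:
        m = pattern.search(title)
        if m:
            return m.group("pkg"), m.group("ver")
    return None


def gate(publish_times, version, proposed_at):
    """Minimum-age policy: a version younger than MIN_AGE at proposal time is blocked.
    A version the registry map does not know is blocked too, never waved through."""
    ts = publish_times.get(version)
    if ts is None:
        return "BLOCK: version absent from registry time map"
    age = proposed_at - parse_ts(ts)
    if age < MIN_AGE:
        return "BLOCK: published %.1f days before proposal (< 7 days)" % (age.total_seconds() / 86400)
    return "ALLOW"


def human_approved(pr):
    """An APPROVED review counts only if the reviewer is not itself a bot account."""
    return any(r["state"] == "APPROVED" and not r["user"]["login"].endswith("[bot]")
               for r in pr.get("reviews", []))


def audit_bot_merges(prs, now, lookback_days=30):
    """Numbers of bot-authored PRs merged in the lookback window with no human approval."""
    cutoff = now - timedelta(days=lookback_days)
    return [pr["number"] for pr in prs
            if pr["user"]["login"] in BOT_ACTORS and pr.get("merged_at")
            and parse_ts(pr["merged_at"]) >= cutoff and not human_approved(pr)]


def review(prs, registry, now):
    """Combine both checks per PR: age gate on the proposed version plus the merge audit."""
    unreviewed = set(audit_bot_merges(prs, now))
    out = []
    for pr in prs:
        parsed = parse_title(pr["title"])
        if not parsed:
            continue
        pkg, ver = parsed
        out.append({"number": pr["number"], "package": pkg, "version": ver,
                    "gate": gate(registry.get(pkg, {}), ver, parse_ts(pr["created_at"])),
                    "merged_without_human_review": pr["number"] in unreviewed})
    return out


NOW = datetime(2026, 4, 21, tzinfo=timezone.utc)
REGISTRY = {  # constructed: package -> version -> publish time
    "axios": {"1.7.9": "2024-12-04T10:00:00Z", "1.8.2": "2026-03-31T02:14:00Z"},
    "sample-typosquat-pkg": {"2.0.0": "2025-06-01T00:00:00Z", "2.0.1": "2026-04-18T20:00:00Z"},
}
PRS = [  # constructed pull requests
    {"number": 101, "title": "Bump axios from 1.7.9 to 1.8.2 in /app",
     "user": {"login": "dependabot[bot]"}, "created_at": "2026-03-31T06:00:00Z",
     "merged_at": "2026-03-31T06:05:00Z", "reviews": []},
    {"number": 102, "title": "chore(deps): update dependency axios to v1.7.9",
     "user": {"login": "renovate[bot]"}, "created_at": "2026-04-10T09:00:00Z",
     "merged_at": "2026-04-10T11:00:00Z",
     "reviews": [{"state": "APPROVED", "user": {"login": "alice"}}]},
    {"number": 103, "title": "Bump sample-typosquat-pkg from 2.0.0 to 2.0.1",
     "user": {"login": "dependabot[bot]"}, "created_at": "2026-04-19T01:00:00Z",
     "merged_at": "2026-04-19T01:02:00Z",
     "reviews": [{"state": "APPROVED", "user": {"login": "github-actions[bot]"}}]},
    {"number": 90, "title": "Bump axios from 1.7.8 to 1.7.9",
     "user": {"login": "dependabot[bot]"}, "created_at": "2026-02-01T00:00:00Z",
     "merged_at": "2026-02-01T00:10:00Z", "reviews": []},
]
```

PR 101 is the case the story describes: the version was published hours before the bot proposed it and the PR was auto-merged with no review. PR 103 shows why a bot-issued approval must not satisfy the human-approval requirement, and PR 90 falls outside the 30-day lookback. The age gate is the place to wire a `minimum-age` check into branch protection or a pre-merge job.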
protobuf.js Critical RCE (GHSA-xq3m-2v4x-88gg) — Public PoC
The unsafe Function() constructor vulnerability in protobufjs creates RCE exposure for any Node.js service accepting untrusted schema input. A public PoC is available, which typically drives exploitation timelines from weeks to days. Upgrade to 7.5.4 on all 7.x deployments. Block untrusted schema ingestion at the API gateway layer until patching is confirmed across all environments including transitive dependencies.
EssentialPlugin WordPress Supply Chain — 30+ Plugins, Blockchain-Based C2
The EssentialPlugin (formerly WP Online Support) plugin suite — affecting 30+ WordPress plugins covering sliders, WooCommerce extensions, SEO utilities, and themes — was compromised with a dormant backdoor that activates for Googlebot user-agent requests. C2 resolution uses Ethereum JSON-RPC calls to public blockchain nodes (e.g., infura.io), a novel evasion technique. The WordPress.org forced update does not clean wp-config.php injections; that step requires manual remediation. Detection is server-side only: browser inspection will not reveal the compromise. Organizations running any EssentialPlugin suite component must manually inspect wp-config.php for injected PHP code and search for wp-comments-posts.php masquerading files.
108 Malicious Chrome Extensions — Shared C2 at 144.126.135[.]238
108 coordinated malicious Chrome extensions were identified exfiltrating OAuth2 tokens and Telegram session cookies to a shared C2 infrastructure at 144.126.135[.]238. Extensions targeted Google, YouTube, TikTok, and Telegram Web sessions. Block the C2 IP at perimeter firewall and DNS sinkhole (verify against authoritative TI before broad deployment). Audit installed Chrome extensions via Google Admin Console. Enforce extension allowlist policy in Chrome Enterprise. Revoke Google OAuth2 tokens for affected users immediately.
Anthropic MCP Architectural Vulnerability (CVE-2026-30623)
A critical vulnerability in Anthropic’s Model Context Protocol ecosystem (CVSS 9.0) affects all implementations prior to vendor patch across 150M+ cumulative downloads. This is an architectural issue rather than an implementation defect, meaning it may affect third-party MCP implementations independently. Organizations deploying AI agent orchestration using MCP should inventory all MCP-integrated services, restrict network access to MCP-exposed endpoints, and monitor vendor advisories for patch availability.
Nation-State & APT Activity Summary
North Korea — STARDUST CHOLLIMA (BlueNoroff Cluster)
Attribution: CrowdStrike — high confidence
Targeted Sectors: Fintech, cryptocurrency, Node.js-heavy development organizations
Campaign: Axios npm supply chain compromise deploying ZshBucket cross-platform backdoor
TTPs: T1195.001, T1195.002 (Supply Chain); T1055 (Process Injection); T1070 (Indicator Removal / SILKBELL cleanup); T1059.001 (PowerShell), T1059.006 (Python), T1059.002 (AppleScript); T1041 (Exfiltration over C2); T1543 (Persistence via system process modification)
IOCs: Refer to CrowdStrike advisory for confirmed ZshBucket binary hashes and C2 infrastructure domains — https://www.crowdstrike.com/en-us/blog/stardust-chollima-likely-compromises-axios-npm-package/
Iran — Multiple Clusters (Critical Infrastructure Focus)
Attribution: CISA Advisory AA26-097A; prior CISA AA23-335A (Unitronics campaign reference)
Targeted Sectors: Energy, utilities, water, food processing, financial services; specifically U.S. critical infrastructure
Campaigns: (1) ICS/OT pivot post-Operation Epic Fury — targeting Rockwell Automation FactoryTalk, Allen-Bradley PLCs, and Palo Alto security infrastructure. (2) Resumed operations following 47-day blackout; geopolitical context tied to regional conflict dynamics.
TTPs: T1566.002 (Spearphishing Link); T0883 (Internet Accessible Device); T1078 (Valid Accounts); T1133 (External Remote Services); T0816 (Device Restart/Shutdown); T0843 (Program Download); T1562 (Impair Defenses); T1485 (Data Destruction); T1498 (Network DoS); T1219 (Remote Access Tools)
IOCs: Consult CISA AA26-097A directly — https://www.cisa.gov/news-events/cybersecurity-advisories/aa26-097a
Note: CISA’s degraded capacity due to government shutdown may delay updated IOC publication. Monitor sector ISACs and allied CERTs for supplemental indicators.
Ukraine — UAC-0247 (AgingFly Campaign)
Attribution: CERT-UA — confirmed
Targeted Sectors: Ukrainian government, healthcare, defense-affiliated organizations
TTPs: T1566.002 (Spearphishing Link); T1059.001 (PowerShell); T1059.003 (Windows Command Shell); T1620 (Reflective Code Loading); T1027.010 (Command Obfuscation); T1218 (System Binary Proxy Execution); T1555.003 (Credentials from Web Browsers); T1539 (Steal Web Session Cookie); T1547.001 (Registry Run Keys); T1572 (Protocol Tunneling); T1041 (Exfiltration over C2)
Unique characteristic: Runtime .NET code compilation (csc.exe, vbc.exe, MSBuild.exe) as primary detection evasion technique
IOCs: Retrieve directly from CERT-UA official advisory before operationalizing — IOCs in secondary source reporting require confirmation
China — APT41
Attribution: Multiple threat intelligence sources — medium confidence based on available source data
Targeted Sectors: Multi-cloud environments; AWS, GCP, Azure, Alibaba Cloud credential targeting
TTPs: T1078 (Valid Accounts); T1078.004 (Cloud Accounts); T1528 (Steal Application Access Token); T1552.005 (Cloud Instance Metadata API); T1568 (Dynamic Resolution); T1530 (Data from Cloud Storage); T1556 (Modify Authentication Process); T1583.001 (Typosquatted Domains)
IOCs: No confirmed public IOCs at time of reporting; monitor cloud provider TI feeds
Note: APT41 attribution is based on source data characterization; see the MITRE ATT&CK Group page at https://attack.mitre.org/groups/G0096/ for corroboration
Cross-Sector — Nation-State AI Vulnerability Discovery (Project Glasswing Assessment)
Anthropic’s assessment attributes AI-assisted zero-day discovery capability to China, Iran, North Korea, and Russia as state-sponsored actors. This is a capability-tier assessment, not a confirmed exploitation event, but the strategic implication is that patch windows for OS and browser-class vulnerabilities are compressing toward zero-day at scale. Defenders should treat this as a threat model update requiring review of patch SLAs for OS, browser, and security infrastructure categories.
Phishing & Social Engineering Alert
ATHR AI-Powered Vishing Platform — Automated Voice Agent Attacks Against Google, Microsoft, and Crypto Accounts
The ATHR (Automated Telephony and Human-Risk) platform provides crime-as-a-service capability for end-to-end vishing attacks using AI voice synthesis to impersonate support staff from Google, Microsoft, Coinbase, Binance, Gemini, Crypto.com, Yahoo, and AOL. Unlike manual vishing, ATHR automates the complete attack chain: target identification, synthetic voice call initiation, credential harvesting, and MFA bypass via real-time OTP relay (T1621). The platform specifically exploits the human tendency to trust voice communications and the absence of caller ID authentication standards.
Attack characteristics: inbound calls claim to be from platform security teams; caller ID is spoofed; callers request verbal confirmation of credentials or OTP codes to “verify” the account. Evasion technique: AI voice quality is sufficient to defeat audio-based suspicion in most cases. Affected platforms: any account using SMS or TOTP-based MFA on the named platforms. SMS MFA does not stop this attack. Only phishing-resistant MFA (FIDO2, hardware security keys, certificate-based authentication) provides reliable protection.
Detection guidance: Monitor authentication logs for MFA push floods (T1621) correlated with inbound call activity. Flag authentication events from unusual geographies or devices following reported suspicious calls. Treat employee reports of unexpected account-security calls as potential active-attack indicators requiring immediate triage. Train employees that legitimate support from these platforms will never verbally request OTPs or passwords.
W3LL PhaaS Dismantled After $20M BEC — Microsoft 365 AiTM Techniques Still Active
W3LL, a Phishing-as-a-Service platform responsible for approximately $20M in BEC fraud attempts against Microsoft 365 tenants and over 17,000 victims, was dismantled by law enforcement. However, the AiTM (Adversary-in-the-Middle) techniques W3LL pioneered — bypassing standard TOTP MFA via transparent proxy session hijacking (T1557, T1539) — are now widely replicated across the criminal ecosystem. W3LL’s takedown does not reduce near-term risk from this technique class. Organizations must enforce phishing-resistant MFA (FIDO2) and Microsoft Entra ID Conditional Access with token protection to address this threat. Standard TOTP and push MFA remain vulnerable to AiTM attacks.
Storm-1175 Medusa Ransomware — 24-Hour Exploitation Window from Public Disclosure
Microsoft Threat Intelligence reports that Storm-1175, the initial access broker cluster deploying Medusa ransomware, operates on a 24-hour exploitation window from public vulnerability disclosure to active exploitation against target sectors. Healthcare, education, finance, and professional services organizations are primary targets. This timeline is incompatible with monthly patch cycles. Organizations in these sectors must implement emergency patch procedures for internet-facing systems and ensure CISA KEV monitoring triggers immediate escalation rather than queued remediation.
Indicators of Compromise
| Campaign / Story | IOC Type | Value | Confidence | Context |
|---|---|---|---|---|
| DPRK ZshBucket / Axios npm (SCC-CAM-2026-0188) | Hash | Not available — retrieve from CrowdStrike advisory | Low (pending primary source) | ZshBucket malware variants; confirmed IOCs at CrowdStrike advisory |
| DPRK ZshBucket / Axios npm (SCC-CAM-2026-0188) | Domain | Not available — retrieve from CrowdStrike advisory | Low (pending primary source) | STARDUST CHOLLIMA C2 infrastructure; JSON-based command and control |
| DPRK ZshBucket / Axios npm (SCC-CAM-2026-0188) | Behavioral — Process | Node.js/npm postinstall spawning PowerShell (Windows), Python (Linux), osascript (macOS) | High | Abnormal for legitimate HTTP library; primary detection signal (T1059.001, T1059.006, T1059.002) |
| DPRK ZshBucket / Axios npm (SCC-CAM-2026-0188) | File artifact | peinject binary — check temp directories and npm cache paths | Medium | Process injection staging artifact (T1055) |
| 108 Malicious Chrome Extensions (SCC-CAM-2026-0177) | IP | 144.126.135[.]238 | Medium | Shared C2 server for all 108 extensions; OAuth2 token and Telegram session cookie exfiltration destination. Verify against authoritative TI before broad production blocking. |
| Axios SSRF/Header Injection (CVE-2026-40175 / SCC-CVE-2026-0036) | IP | 169.254.169.254 | High | AWS IMDSv1 endpoint; outbound requests from application processes to this IP indicate SSRF exploitation |
| Axios SSRF/Header Injection (CVE-2026-40175) | URL path | http://169.254.169.254/latest/meta-data/iam/security-credentials/ | High | IMDS path for IAM role credential retrieval via SSRF (T1552.005) |
| Axios SSRF/Header Injection (CVE-2026-40175) | URL path | http://169.254.169.254/latest/dynamic/instance-identity/document | Medium | IMDS instance identity path commonly retrieved alongside credentials |
| MajorDoMo RCE (CVE-2026-27174 / SCC-CVE-2026-0051) | URL pattern | /admin.php?ajax_panel=1&op=console&command=<payload> | High | GET request pattern for unauthenticated RCE via PHP console handler; 302 redirect does not indicate failed exploitation |
| MajorDoMo OS Command Injection (CVE-2026-27175 / SCC-CVE-2026-0032) | URL pattern | /rc/index.php (param field with shell metacharacters) and /cycle_execs.php | High | Two-step exploitation: command queued via rc/index.php, executed via cycle_execs.php within ~2 seconds |
| Apache ActiveMQ Jolokia RCE (CVE-2026-34197 / SCC-CVE-2026-0046) | URL path | /api/jolokia (HTTP POST/GET with exec or write operations) | High | Jolokia API abuse path; look for in ActiveMQ access logs on port 8161 |
| Apache ActiveMQ Jolokia RCE | URL path | /jolokia (alternate path) | High | Alternate Jolokia endpoint; same detection logic applies |
| Nginx UI MCP Missing Auth (CVE-2026-33032 / SCC-CVE-2026-0038) | URL path | /mcp_message (unauthenticated POST/GET) | High | Unauthenticated MCP endpoint enabling Nginx config manipulation and service control |
| EssentialPlugin WordPress Supply Chain (SCC-CAM-2026-0178) | File path | wp-comments-posts.php (in anomalous WordPress location outside core structure) | Medium | Masquerading file (T1036.005); legitimate WordPress does not include this filename outside core |
| EssentialPlugin WordPress Supply Chain | Domain type | Ethereum JSON-RPC endpoints (e.g., infura.io) called from web server processes | Medium | Blockchain-based C2 resolution; outbound calls from PHP/web server processes to public Ethereum nodes are anomalous (T1102) |
| ZionSiphon ICS Malware (SCC-CAM-2026-0182) | Hash | Not published — retrieve from Darktrace blog | Low (pending primary source) | ZionSiphon binary hashes at Darktrace advisory |
| ZionSiphon ICS Malware | Behavioral — Network | Modbus function code 6 or 16 (Write Register) to flow control or chemical dosing registers outside authorized change windows | High | Primary OT exploitation signal; T0836 (Modify Parameter), T0855 (Unauthorized Command Message) |
| Nexcorium Mirai Variant (SCC-CAM-2026-0187) | CVE references | CVE-2024-3721 (TBK DVR), CVE-2017-17215 (Huawei HG532), CVE-2023-33538 (TP-Link) | High | Actively exploited IoT vulnerabilities in active botnet campaign; monitor Spamhaus and abuse.ch Feodo Tracker for C2 IPs |
| AgingFly / UAC-0247 (SCC-CAM-2026-0179) | Hash / Domain | Pending — retrieve from CERT-UA advisory directly | Low (pending primary source) | Runtime-compiled payloads; IOCs require CERT-UA confirmation before production deployment |
| Windows Defender LPE (CVE-2026-33825 / RedSun / UnDefend) | Behavioral | SYSTEM-level process spawned from non-SYSTEM parent; taskhostw.exe spawning shell interpreters; Defender signature update failures outside maintenance windows | High | Behavioral indicators for active exploitation; no confirmed public static IOCs |
| Lumma Stealer + SectopRAT (SCC-CAM-2026-0181) | Domain / Hash | Not available — source from Malpedia and VirusTotal threat intelligence | Low (pending primary source) | Current Lumma C2 infrastructure reconstituted post-May 2025 disruption; check Malpedia Lumma entry |
| Lumma Stealer | Behavioral — File | Access to Chrome User Data, Firefox profile directories, cryptocurrency wallet files by non-browser processes | High | T1555.003; high-confidence indicator of active infostealer credential harvesting |
| Dragon Boss Adware/AV Killer (SCC-CAM-2026-0183) | Behavioral — Registry | Scheduled task creation (Event ID 4698) combined with Defender exclusion modification (Event ID 5007) in close temporal proximity | High | Combined signal is high-confidence; T1053.005 + T1562.001 paired detection |
| APT41 Cloud Credential Theft (SCC-CAM-2026-0174) | Domain pattern | Typosquatted variations of amazonaws.com, googleapis.com, azure.com, login.microsoftonline.com, aliyuncs.com | Medium | C2 resolution via cloud endpoint impersonation (T1583.001, T1568); specific domains not confirmed |
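The ZionSiphon row above names the primary OT signal (Modbus function code 6 or 16 to flow-control or dosing registers outside an authorized change window). The following detector is an added example, not code from the report or from Darktrace; it parses raw Modbus/TCP frames and the sensitive register map and maintenance window are constructed placeholders to be replaced with the plant's own.

```python
"""Flag Modbus/TCP register writes (function code 6 or 16) to sensitive registers
outside an authorized change window.

Frames are raw Modbus/TCP: 7-byte MBAP header (transaction id, protocol id,
length, unit id) followed by the PDU (function code + data).
"""
import struct
from datetime import datetime, time

WRITE_SINGLE_REGISTER = 6
WRITE_MULTIPLE_REGISTERS = 16

# Constructed register map: holding-register addresses considered process-critical.
SENSITIVE_REGISTERS = {
    100: "flow_setpoint",
    101: "flow_valve_position",
    200: "chlorine_dose_rate",
    201: "chlorine_pump_enable",
}
# Constructed authorized window: weekday maintenance 02:00-04:00 local time.
CHANGE_WINDOW = (time(2, 0), time(4, 0))


def parse_modbus_write(frame):
    """Return (unit_id, function_code, [(address, value), ...]) for FC 6/16 requests,
    or None if the frame is not a register write (or is malformed)."""
    if len(frame) < 8:
        return None
    _tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0 or length != len(frame) - 6:
        return None  # protocol id must be 0; length covers unit id + PDU
    fc = frame[7]
    pdu = frame[8:]
    if fc == WRITE_SINGLE_REGISTER and len(pdu) == 4:
        addr, value = struct.unpack(">HH", pdu)
        return unit, fc, [(addr, value)]
    if fc == WRITE_MULTIPLE_REGISTERS and len(pdu) >= 5:
        start, qty, nbytes = struct.unpack(">HHB", pdu[:5])
        data = pdu[5:]
        if nbytes != 2 * qty or len(data) != nbytes:
            return None
        values = struct.unpack(">%dH" % qty, data)
        return unit, fc, [(start + i, v) for i, v in enumerate(values)]
    return None


def in_change_window(ts):
    start, end = CHANGE_WINDOW
    return ts.weekday() < 5 and start <= ts.time() < end


def suspicious_writes(captured):
    """captured: iterable of (timestamp, src_ip, frame_bytes).
    Returns one alert per sensitive register written outside the window."""
    alerts = []
    for ts, src, frame in captured:
        parsed = parse_modbus_write(frame)
        if parsed is None or in_change_window(ts):
            continue
        unit, fc, writes = parsed
        for addr, value in writes:
            if addr in SENSITIVE_REGISTERS:
                alerts.append({"time": ts.isoformat(), "src": src, "unit": unit, "fc": fc,
                               "register": SENSITIVE_REGISTERS[addr], "value": value})
    return alerts


def build_frame(tid, unit, pdu):
    """Assemble a Modbus/TCP frame (used here only to construct sample traffic)."""
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


# Constructed sample capture (not real plant traffic). April 21, 2026 is a Tuesday.
SAMPLE_CAPTURE = [
    # FC 6 to chlorine_dose_rate at 14:30 -> outside window -> alert
    (datetime(2026, 4, 21, 14, 30), "10.10.5.99",
     build_frame(1, 1, bytes([6]) + struct.pack(">HH", 200, 900))),
    # FC 16 to registers 100-101 during the Wednesday maintenance window -> allowed
    (datetime(2026, 4, 22, 2, 15), "10.10.5.10",
     build_frame(2, 1, bytes([16]) + struct.pack(">HHB", 100, 2, 4) + struct.pack(">HH", 50, 75))),
    # FC 16 covering 199-201 outside window -> two sensitive registers hit
    (datetime(2026, 4, 22, 9, 5), "10.10.5.99",
     build_frame(3, 1, bytes([16]) + struct.pack(">HHB", 199, 3, 6) + struct.pack(">HHH", 0, 950, 1))),
    # FC 3 (read holding registers) is never a write and is ignored
    (datetime(2026, 4, 22, 9, 6), "10.10.5.99",
     build_frame(4, 1, bytes([3]) + struct.pack(">HH", 100, 2))),
]

if __name__ == "__main__":
    for alert in suspicious_writes(SAMPLE_CAPTURE):
        print(alert)
```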
Helpful 5: High-Value Low-Effort Mitigations
1. Disable Auto-Merge on All Dependabot and Renovate Pull Requests Today
Why this week: The Dependabot/Renovate abuse campaign (SCC-CAM-2026-0186) and the DPRK Axios supply chain compromise both exploit automated dependency update pipelines. Auto-merge without human review converts your automation into an adversary delivery mechanism.
How:
- GitHub: Navigate to each repository → Settings → Branches → Branch Protection Rules → disable “Allow auto-merge.”
- GitHub API: Set `allow_auto_merge: false` via the repos/{owner}/{repo} endpoint for bulk updates.
- Renovate: Add `"automerge": false` to renovate.json in all repositories.
- Add CODEOWNERS rules requiring at least one human reviewer approval on any PR that modifies package.json, requirements.txt, or equivalent dependency manifests.
- Query GitHub Audit Log API for `actor:dependabot[bot]` merged PRs without human approval in the past 30 days and review each.
Framework alignment: NIST CSF 2.0 GV.SC-01 (Supply Chain Risk Management Program); NIST 800-53 SR-3 (Supply Chain Controls and Processes); CIS v8 Control 2.5 (Allowlist Authorized Software), 2.6 (Allowlist Authorized Libraries)
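A script for the API steps above, added here as an example and not part of the report. It disables `allow_auto_merge` through the `PATCH /repos/{owner}/{repo}` endpoint and, instead of the Audit Log API, walks closed pull requests and their reviews (`GET /repos/{owner}/{repo}/pulls` and `.../pulls/{n}/reviews`) to list bot-authored PRs merged in the last 30 days with no non-bot approval; it assumes a token in `GITHUB_TOKEN` and a repo in `GITHUB_REPO`, and the sample PR data is constructed.

```python
"""Find Dependabot/Renovate PRs merged without a human approval, and turn off
repository auto-merge via the GitHub REST API."""
import json
import os
import urllib.request
from datetime import datetime, timedelta, timezone

BOT_ACTORS = {"dependabot[bot]", "renovate[bot]"}
API = "https://api.github.com"


def _request(method, path, token, body=None):
    data = None if body is None else json.dumps(body).encode()
    req = urllib.request.Request(API + path, data=data, method=method)
    req.add_header("Authorization", f"Bearer {token}")
    req.add_header("Accept", "application/vnd.github+json")
    if data is not None:
        req.add_header("Content-Type", "application/json")
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


def disable_auto_merge(owner, repo, token):
    """Turn off the repository-level 'Allow auto-merge' setting."""
    return _request("PATCH", f"/repos/{owner}/{repo}", token, {"allow_auto_merge": False})


def human_approvers(reviews):
    """Logins of non-bot reviewers who left an APPROVED review."""
    return sorted({r["user"]["login"] for r in reviews
                   if r.get("state") == "APPROVED" and not r["user"]["login"].endswith("[bot]")})


def unreviewed_bot_merges(pulls, reviews_by_number, since):
    """PR numbers opened by a bot, merged at or after `since`, with no human approval.

    pulls: list of PR dicts (shape of GET /repos/{o}/{r}/pulls?state=closed)
    reviews_by_number: {pr_number: list of review dicts}
    """
    flagged = []
    for pr in pulls:
        if pr["user"]["login"] not in BOT_ACTORS:
            continue
        merged_at = pr.get("merged_at")
        if not merged_at:
            continue  # closed without merging
        merged = datetime.fromisoformat(merged_at.replace("Z", "+00:00"))
        if merged < since:
            continue
        if not human_approvers(reviews_by_number.get(pr["number"], [])):
            flagged.append(pr["number"])
    return flagged


def audit_repo(owner, repo, token, days=30):
    """Live audit of one repository (network access required)."""
    since = datetime.now(timezone.utc) - timedelta(days=days)
    pulls = _request("GET", f"/repos/{owner}/{repo}/pulls?state=closed&per_page=100", token)
    reviews = {pr["number"]: _request("GET", f"/repos/{owner}/{repo}/pulls/{pr['number']}/reviews", token)
               for pr in pulls if pr["user"]["login"] in BOT_ACTORS}
    return unreviewed_bot_merges(pulls, reviews, since)


# Constructed sample data (not real PRs) so the review logic can be checked offline.
SAMPLE_PULLS = [
    {"number": 41, "user": {"login": "dependabot[bot]"}, "merged_at": "2026-04-18T10:00:00Z"},
    {"number": 42, "user": {"login": "dependabot[bot]"}, "merged_at": "2026-04-19T10:00:00Z"},
    {"number": 43, "user": {"login": "renovate[bot]"}, "merged_at": None},
    {"number": 44, "user": {"login": "alice"}, "merged_at": "2026-04-19T12:00:00Z"},
    {"number": 45, "user": {"login": "dependabot[bot]"}, "merged_at": "2026-01-02T10:00:00Z"},
]
SAMPLE_REVIEWS = {
    41: [{"user": {"login": "github-actions[bot]"}, "state": "APPROVED"}],  # bot approval only
    42: [{"user": {"login": "bob"}, "state": "APPROVED"}],                  # human approval
    45: [],                                                                 # outside the window
}
SAMPLE_SINCE = datetime(2026, 3, 21, tzinfo=timezone.utc)

if __name__ == "__main__":
    print(unreviewed_bot_merges(SAMPLE_PULLS, SAMPLE_REVIEWS, SAMPLE_SINCE))  # [41]
    if os.environ.get("GITHUB_TOKEN") and os.environ.get("GITHUB_REPO"):
        owner, repo = os.environ["GITHUB_REPO"].split("/", 1)
        print(audit_repo(owner, repo, os.environ["GITHUB_TOKEN"]))
        disable_auto_merge(owner, repo, os.environ["GITHUB_TOKEN"])
```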
2. Audit and Rotate All Credentials Accessible to Node.js Build Pipelines
Why this week: The DPRK Axios compromise, Trivy supply chain event, and LiteLLM/Telnyx PyPI compromises all specifically targeted credentials accessible to build and scanning tooling. Any secret present in an environment where these tools executed during their compromise windows should be treated as potentially stolen.
How:
- Identify all CI/CD pipelines that executed Axios (npm install), Trivy scans, or LiteLLM during March–April 2026.
- Enumerate every secret accessible to those pipeline runners: npm tokens, cloud provider access keys (AWS, GCP, Azure), API keys, OAuth tokens, and service account credentials.
- Rotate all identified credentials. For AWS: rotate IAM access keys via console or CLI (`aws iam create-access-key` and `aws iam delete-access-key`). For npm: `npm token revoke <token>`.
- Implement OIDC federation for CI/CD pipelines to eliminate long-lived static credentials. GitHub Actions supports OIDC with AWS, GCP, and Azure natively.
- Enforce short-lived tokens (max 1-hour TTL) for all pipeline credential grants.
Framework alignment: NIST 800-53 IA-5 (Authenticator Management); CIS v8 Control 5.2 (Use Unique Passwords); NIST CSF 2.0 PR.AA-02 (Identity Management)
3. Enforce IMDSv2 on All EC2 Instances to Block SSRF-Based Metadata Exfiltration
Why this week: CVE-2026-40175 (Axios SSRF/Header Injection, CVSS 9.1) enables unrestricted exfiltration of IAM role credentials via SSRF to 169.254.169.254. IMDSv2, which requires session-oriented token requests, blocks this attack class even on unpatched Axios versions.
How:
- AWS CLI: `aws ec2 modify-instance-metadata-options --instance-id <id> --http-tokens required --http-endpoint enabled` for each instance.
- Bulk enforcement via AWS Config rule: `ec2-imdsv2-check` identifies non-compliant instances.
- Set IMDSv2 as the default for new instances via Launch Template settings: `MetadataOptions.HttpTokens = required`.
- Enable VPC Flow Logs and alert on any outbound traffic to 169.254.169.254 from application subnets as an immediate detection layer.
- Equivalents: GCP uses VM metadata service options; Azure uses IMDS with similar token requirements — verify per cloud provider documentation.
Framework alignment: NIST 800-53 SC-7 (Boundary Protection); CIS v8 Control 13.4 (Perform Traffic Filtering Between Network Segments); OWASP A10:2021 (SSRF)
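The instance and launch-template checks above, as an added example that is not part of the report. The pure functions take the response shapes of boto3 `ec2.describe_instances()` and `ec2.describe_launch_template_versions()` as I understand them (an assumption), the sample responses are constructed, and `live_enforce()` assumes boto3 plus AWS credentials and is not exercised offline.

```python
"""Audit EC2 instances and launch templates that still allow IMDSv1
(HttpTokens != 'required') and build the enforcement call for each."""


def imdsv1_instances(describe_response):
    """Instance IDs whose metadata endpoint is enabled but does not require a token.
    An instance with the endpoint disabled cannot be reached via SSRF at all."""
    found = []
    for reservation in describe_response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            opts = inst.get("MetadataOptions", {})
            if opts.get("HttpEndpoint", "enabled") == "enabled" and opts.get("HttpTokens") != "required":
                found.append(inst["InstanceId"])
    return found


def imdsv1_launch_templates(versions_response):
    """(template id, version, setting) for versions that would launch with IMDSv1 allowed.
    A version that omits MetadataOptions inherits the account/region default, so it is
    reported as 'unset' for manual review."""
    weak = []
    for v in versions_response.get("LaunchTemplateVersions", []):
        opts = v.get("LaunchTemplateData", {}).get("MetadataOptions")
        if opts is None:
            weak.append((v["LaunchTemplateId"], v["VersionNumber"], "unset"))
        elif opts.get("HttpTokens") != "required":
            weak.append((v["LaunchTemplateId"], v["VersionNumber"], opts.get("HttpTokens", "optional")))
    return weak


def enforce_params(instance_id):
    """Keyword arguments for ec2.modify_instance_metadata_options(), equivalent to
    --http-tokens required --http-endpoint enabled on the CLI."""
    return {"InstanceId": instance_id, "HttpTokens": "required", "HttpEndpoint": "enabled"}


def live_enforce(region="us-east-1", dry_run=True):
    """Enumerate non-compliant instances in one region; enforce IMDSv2 unless dry_run.
    Assumption: boto3 installed and credentials with ec2:Describe*/ModifyInstanceMetadataOptions."""
    import boto3  # imported lazily so the offline functions need no dependency
    ec2 = boto3.client("ec2", region_name=region)
    targets = []
    for page in ec2.get_paginator("describe_instances").paginate():
        targets.extend(imdsv1_instances(page))
    if not dry_run:
        for iid in targets:
            ec2.modify_instance_metadata_options(**enforce_params(iid))
    return targets


# Constructed sample responses (not real account data).
SAMPLE_DESCRIBE = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0aaa", "MetadataOptions": {"HttpEndpoint": "enabled", "HttpTokens": "optional"}},
    {"InstanceId": "i-0bbb", "MetadataOptions": {"HttpEndpoint": "enabled", "HttpTokens": "required"}},
    {"InstanceId": "i-0ccc", "MetadataOptions": {"HttpEndpoint": "disabled", "HttpTokens": "optional"}},
]}]}
SAMPLE_TEMPLATES = {"LaunchTemplateVersions": [
    {"LaunchTemplateId": "lt-0web", "VersionNumber": 3,
     "LaunchTemplateData": {"MetadataOptions": {"HttpTokens": "required", "HttpEndpoint": "enabled"}}},
    {"LaunchTemplateId": "lt-0web", "VersionNumber": 2,
     "LaunchTemplateData": {"MetadataOptions": {"HttpTokens": "optional"}}},
    {"LaunchTemplateId": "lt-0batch", "VersionNumber": 1, "LaunchTemplateData": {}},
]}

if __name__ == "__main__":
    print(imdsv1_instances(SAMPLE_DESCRIBE))          # ['i-0aaa']
    print(imdsv1_launch_templates(SAMPLE_TEMPLATES))  # [('lt-0web', 2, 'optional'), ('lt-0batch', 1, 'unset')]
    print(enforce_params("i-0aaa"))
```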
4. Isolate All Internet-Facing OT/ICS Devices — Network Segmentation Enforcement Now
Why this week: Iran-affiliated actors have resumed ICS/OT targeting (SCC-CAM-2026-0185, SCC-CAM-2026-0172) following Operation Epic Fury. The Nexcorium Mirai variant (SCC-CAM-2026-0187) is actively exploiting EoL IoT devices. The ZionSiphon water infrastructure malware adds a third concurrent OT threat vector. Internet-exposed industrial devices are the single highest-impact attack surface this week.
How:
- Inventory: Query asset management and run Shodan/Censys internal scans for OT protocol ports — EtherNet/IP (44818), Modbus TCP (502), DNP3 (20000), S7comm (102) — accessible from internet-facing segments.
- Isolate: Apply firewall ACLs denying all inbound traffic to OT management interfaces from untrusted networks. Default-deny for EtherNet/IP and Modbus at the perimeter.
- VPN-only: All legitimate remote access to OT assets must traverse authenticated, MFA-enforced VPN with jump-host intermediary. Disable direct NAT for any PLC or HMI.
- EoL devices: Identify TBK DVR-4104/4216, TP-Link TL-WR940N/740N/841N, and Huawei HG532 devices and decommission or isolate immediately — patches are not available for EoL models.
- Verify: Scan your own OT segment from the internet perspective using a Shodan Enterprise or Censys API query to confirm no residual exposure.
Framework alignment: NIST 800-53 SC-7 (Boundary Protection), AC-17 (Remote Access); CIS v8 Control 12.2 (Establish and Maintain a Secure Network Architecture); NIST CSF 2.0 PR.IR-01 (Networks segmented)
5. Deploy or Verify Enforcement of Microsoft Vulnerable Driver Blocklist (HVCI) to Counter BYOVD Attacks
Why this week: The BYOVD ecosystem expansion (SCC-STY-2026-0060) and the Dragon Boss AV-killer campaign (SCC-CAM-2026-0183) both exploit vulnerable signed kernel drivers to disable EDR agents. The Windows Defender LPE zero-days compound this by creating a kernel-mode attack surface. HVCI + Microsoft Vulnerable Driver Blocklist is the most effective technical countermeasure.
How:
- Check blocklist enforcement status: In Group Policy, navigate to Computer Configuration → Administrative Templates → System → Device Guard → “Deploy Windows Defender Application Control.” Confirm HVCI is enabled, not merely configured.
- Enable HVCI: Settings → Windows Security → Device Security → Core Isolation → Memory Integrity. Or via Intune: Device Configuration → Endpoint Protection → Windows Defender Credential Guard → Enable with UEFI lock.
- Query loaded drivers: Use `Get-WinEvent -LogName Microsoft-Windows-CodeIntegrity/Operational` to surface driver load events and cross-reference against loldrivers.io (community vulnerable driver database).
- Monitor Event ID 6 (Sysmon, kernel driver loaded) for drivers loaded from non-standard paths (user profile directories, temp folders).
- Alert on Defender exclusion modifications: Enable Windows Defender Operational log (Microsoft-Windows-Windows Defender/Operational), filter Event ID 5007 for `Add-MpPreference -ExclusionPath` invocations — the Dragon Boss signature.
Framework alignment: NIST 800-53 SI-7 (Software, Firmware, and Information Integrity), AC-3 (Access Enforcement); CIS v8 Control 10.5 (Enable Anti-Exploitation Features); NIST CSF 2.0 PR.PS-01 (Configuration Management)
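The paired Dragon Boss detection (Event ID 4698 task creation close in time to an Event ID 5007 exclusion change on the same host) and the Sysmon Event ID 6 path check, as an added example that is not part of the report. It takes events as simplified dicts such as a SIEM export might provide; it assumes the 5007 message carries the changed registry value under `Windows Defender\Exclusions\...` (an assumption about the message format), and all sample events are constructed.

```python
"""Correlate scheduled-task creation with Defender exclusion changes, and flag
kernel driver loads from user-writable paths."""
import re
from datetime import datetime, timedelta

# Matches the changed value a 5007 event reports when an exclusion is added.
EXCLUSION_RE = re.compile(
    r"Windows Defender\\Exclusions\\(Paths|Processes|Extensions)\\(?P<target>[^=]+?)\s*=",
    re.IGNORECASE)
# Driver image paths a legitimate driver installer would not normally use.
USER_WRITABLE_RE = re.compile(
    r"^(?:[A-Za-z]:\\Users\\|[A-Za-z]:\\Windows\\Temp\\|[A-Za-z]:\\ProgramData\\)", re.IGNORECASE)


def _ts(ev):
    return datetime.fromisoformat(ev["time"])


def exclusion_target(ev):
    """For a 5007 event, return the exclusion that was added, else None."""
    if ev["event_id"] != 5007:
        return None
    m = EXCLUSION_RE.search(ev["message"])
    return m.group("target").strip() if m else None


def task_exclusion_pairs(events, window=timedelta(minutes=10)):
    """Pair each 4698 with any exclusion-adding 5007 on the same host within +/- window."""
    tasks = [e for e in events if e["event_id"] == 4698]
    exclusions = [(e, exclusion_target(e)) for e in events if e["event_id"] == 5007]
    exclusions = [(e, t) for e, t in exclusions if t]
    alerts = []
    for t in tasks:
        for e, target in exclusions:
            delta = abs(_ts(e) - _ts(t))
            if e["host"] == t["host"] and delta <= window:
                alerts.append({"host": t["host"], "task": t["task_name"],
                               "exclusion": target, "delta_s": delta.total_seconds()})
    return alerts


def suspicious_driver_loads(events):
    """Sysmon Event ID 6 (driver loaded) where the image lives under a user-writable path."""
    return [(e["host"], e["image"]) for e in events
            if e["event_id"] == 6 and USER_WRITABLE_RE.match(e["image"])]


# Constructed sample events (not from a real incident).
SAMPLE_EVENTS = [
    {"time": "2026-04-21T09:00:05", "host": "WS-117", "event_id": 4698, "task_name": "\\DragonUpdater"},
    {"time": "2026-04-21T09:02:40", "host": "WS-117", "event_id": 5007,
     "message": "Microsoft Defender Antivirus Configuration has changed. New value: "
                "HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Exclusions\\Paths\\C:\\ProgramData\\drg = 0x0"},
    {"time": "2026-04-21T09:03:10", "host": "WS-117", "event_id": 6, "image": "C:\\ProgramData\\drg\\vuln.sys"},
    # benign: an admin exclusion change hours after an unrelated task on another host
    {"time": "2026-04-21T11:00:00", "host": "WS-200", "event_id": 4698, "task_name": "\\Backup"},
    {"time": "2026-04-21T16:30:00", "host": "WS-200", "event_id": 5007,
     "message": "Microsoft Defender Antivirus Configuration has changed. New value: "
                "HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Exclusions\\Paths\\D:\\SQLData = 0x0"},
    # a 5007 that is not an exclusion change is ignored
    {"time": "2026-04-21T09:01:00", "host": "WS-117", "event_id": 5007,
     "message": "Microsoft Defender Antivirus Configuration has changed. New value: "
                "HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Signature Updates\\AVSignatureVersion = 1.0"},
    {"time": "2026-04-21T09:05:00", "host": "WS-117", "event_id": 6, "image": "C:\\Windows\\System32\\drivers\\ndis.sys"},
]

if __name__ == "__main__":
    print(task_exclusion_pairs(SAMPLE_EVENTS))
    print(suspicious_driver_loads(SAMPLE_EVENTS))
```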
Framework Alignment Matrix
| Threat | MITRE Tactic | MITRE Technique | NIST 800-53 (Rev 5) | CIS v8 Controls |
|---|---|---|---|---|
| DPRK Axios / ZshBucket Supply Chain | Initial Access | T1195.001, T1195.002 | SR-3, SR-2, SA-9, SI-7 | 2.5, 2.6, 15.1 |
| DPRK Axios / ZshBucket Execution | Execution | T1059.001, T1059.006, T1059.002 | CM-7, SI-3 | 2.5, 2.6 |
| DPRK ZshBucket Evasion/Forensics | Defense Evasion | T1070, T1055, T1027 | SI-4, CA-7, AU-9 | 8.2, 8.5 |
| Iran ICS/OT — Rockwell PLCs | Initial Access | T0883, T1566.002, T1133 | SC-7, AC-17, AC-20 | 6.3, 12.2 |
| Iran ICS/OT — OT Impact | Impact / Inhibit Response | T0816, T0843, T0855, T0831 | AC-6, CM-6, AU-9 | 6.1, 6.2 |
| Windows Defender LPE (BlueHammer/RedSun/UnDefend) | Privilege Escalation | T1068, T1548 | AC-6, SI-2, CM-6 | 5.4, 6.8, 7.3 |
| Windows Defender LPE — Defense Evasion | Defense Evasion | T1562.001 | SI-3, SI-4, CM-7 | 10.1 |
| Apache ActiveMQ Jolokia RCE | Initial Access / Execution | T1190, T1059, T1078.001 | AC-17, SI-2, CM-7, IA-2 | 6.3, 7.3, 7.4 |
| Dependabot/Renovate Abuse | Initial Access / Execution | T1195.001, T1072, T1554 | SR-3, CM-3, SI-7 | 2.5, 2.6, 15.1 |
| protobuf.js RCE (GHSA-xq3m-2v4x-88gg) | Initial Access / Lateral Movement | T1190, T1059.007, T1210 | SR-3, SI-10, RA-5 | 7.3, 7.4, 16.10 |
| MajorDoMo RCE/Command Injection (CVE-2026-27174/27175) | Initial Access / Execution | T1190, T1059.004, T1203 | SC-7, SI-2, SI-10, IA-2 | 6.3, 16.10 |
| Cisco ISE/Webex SAML Impersonation | Credential Access / Defense Evasion | T1606.002, T1550.001, T1078 | SC-17, SC-8, IA-2, IA-5 | 6.3, 6.4, 6.5 |
| HashiCorp Vault Authorization Header (CVE-2026-4525) | Credential Access / Defense Evasion | T1552.001, T1550.001 | AC-6, CM-6 | 5.4, 6.3 |
| HashiCorp Vault KVv2 Glob Delete (CVE-2026-3605) | Privilege Escalation / Impact | T1548, T1485 | AC-6, CM-6 | 5.4 |
| BYOVD / EDR Killers | Defense Evasion / Privilege Escalation | T1562.001, T1068, T1014, T1211 | SI-7, AC-6, SR-3 | 5.4, 6.8 |
| Ransomware — Storm-1175 / Medusa / Q1 2026 Activity | Impact / Exfiltration | T1486, T1567.002, T1489, T1078 | CP-9, CP-10, AC-6, SI-4 | 11.2, 11.3 |
| ATHR AI Vishing Platform | Credential Access / Initial Access | T1598.004, T1566.004, T1621, T1656 | AT-2, IA-2, IA-5, AC-7 | 6.3, 6.4, 6.5, 14.2 |
| W3LL PhaaS / AiTM | Credential Access | T1557, T1539, T1114.003 | IA-2, IA-5, SI-8 | 6.3, 6.4, 6.5 |
| ShinyHunters / Salesforce Misconfiguration | Collection / Exfiltration | T1213, T1530, T1537, T1078 | AC-3, AC-6, SC-28 | 3.3, 6.1, 6.2 |
| ShinyHunters / Anodot → Snowflake/S3 | Credential Access / Collection | T1528, T1199, T1078.004, T1530 | IA-5, IA-2, AC-3, SR-2 | 6.3, 6.4, 6.5 |
| APT41 Cloud Backdoor | Credential Access / Defense Evasion | T1552.005, T1528, T1078.004, T1568 | IA-2, IA-5, SI-4, AC-6 | 6.3, 6.4, 6.5 |
| CVE-2026-20929 — Kerberos CNAME Relay / AD CS | Credential Access / Defense Evasion | T1558, T1649, T1550.003, T1557 | SC-17, SC-8, IA-5, AC-6 | 3.10, 6.3 |
| EssentialPlugin WordPress Supply Chain | Initial Access / C2 | T1195.002, T1102, T1036.005 | SR-3, CM-7, SI-7 | 2.5, 2.6 |
| ZionSiphon ICS Malware | Impact / Impair Process Control | T0831, T0836, T0855, T0813 | SI-3, SI-4, AC-3 | 6.1, 6.2, 14.2 |
Upcoming Security Events & Deadlines
- April 27, 2026 — CISA KEV Deadline: Adobe Acrobat and Reader CVE-2026-34621 (Prototype Pollution RCE). Federal agencies must remediate by this date; commercial organizations should treat this as a target patch date given active exploitation.
- April 28, 2026 — CISA KEV Deadline: Microsoft SharePoint Server CVE-2026-32201 (Improper Input Validation). Apply April 2026 Patch Tuesday update. Restrict external access to SharePoint Server immediately if patch has not been applied.
- May 8, 2026 — OpenAI macOS Certificate Revocation Deadline: All installations of OpenAI ChatGPT Desktop, Codex, Codex CLI, and Atlas on macOS must be updated to re-signed releases before this date or will cease functioning. This is a hard deadline — plan end-user communication and update deployment now.
- May 13, 2026 — Next Microsoft Patch Tuesday: Standard second-Tuesday cadence. Given the current unpatched state of RedSun and UnDefend Windows Defender LPE zero-days, monitor this Patch Tuesday release for emergency out-of-band updates or planned remediation for both CVEs.
- Ongoing — CISA KEV Deadlines (No Date Published): MajorDoMo CVE-2026-27174 and CVE-2026-27175, Windows Defender CVE-2026-33825, and Nginx UI CVE-2026-33032 are on CISA KEV without published remediation deadlines. Federal agencies must remediate on an expedited schedule; commercial organizations should treat these as P1 items.
- Ongoing — CISA Shutdown Monitoring: Track CISA operational status at https://www.cisa.gov. Supplement with E-ISAC, WaterISAC, FS-ISAC, and NCSC-UK advisories during any continued capacity degradation.
- Ongoing — April 2026 Windows Server KB5082063 Deployment Issue: Monitor Microsoft Windows Server 2025 release health page at learn.microsoft.com for out-of-band update or workaround for concurrent LSASS crash, BitLocker lockout, and 0x800F0983 installation failure issues. Verify patch compliance reporting distinguishes “approved but failed” from “installed successfully” until resolved.
- Ongoing — NVD Enrichment Gap: NIST NVD triage policy change effective ~April 15, 2026 creates ongoing enrichment gaps for non-KEV CVEs. Update vulnerability management pipeline SLAs and enrichment source configurations as a standing operational task.
Sources
Section 3 — Key Security Stories & Section 2 — Critical Action Items
- CrowdStrike — STARDUST CHOLLIMA Axios compromise: https://www.crowdstrike.com/en-us/blog/stardust-chollima-likely-compromises-axios-npm-package/
- Snyk — Axios supply chain advisory: https://snyk.io/blog/axios-npm-package-compromised-supply-chain-attack-delivers-cross-platform/
- CISA Advisory AA26-097A (Iran-Affiliated ICS/OT): https://www.cisa.gov/news-events/cybersecurity-advisories/aa26-097a
- Microsoft MSRC — CVE-2026-33825: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825
- Aqua Security GHSA-69fq-xp46-6x23 (Trivy): https://github.com/aquasecurity/trivy/security/advisories/GHSA-69fq-xp46-6x23
- NVD — CVE-2026-33634: https://nvd.nist.gov/vuln/detail/CVE-2026-33634
- Darktrace — ZionSiphon ICS Malware: https://www.darktrace.com/blog/inside-zionsiphon-darktraces-analysis-of-ot-malware-targeting-israeli-water-systems
- CERT-UA — AgingFly/UAC-0247 (retrieve from official CERT-UA channels — URL not pre-verified per session URL policy)
- OSV.dev: https://osv.dev
- OSV — GHSA-xq3m-2v4x-88gg (protobuf.js): verify at https://osv.dev/vulnerability/GHSA-xq3m-2v4x-88gg
Section 4 — CVE Table
- CISA Known Exploited Vulnerabilities Catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- NVD — CVE-2026-27175 (MajorDoMo OS Command Injection): https://nvd.nist.gov/vuln/detail/CVE-2026-27175
- NVD — CVE-2026-27174 (MajorDoMo Code Injection): https://nvd.nist.gov/vuln/detail/CVE-2026-27174
- Microsoft MSRC — CVE-2026-32201 (SharePoint): https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32201
- NVD — CVE-2026-33032 (Nginx UI): https://nvd.nist.gov/vuln/detail/CVE-2026-33032
- NVD — CVE-2026-40175 (Axios SSRF): https://nvd.nist.gov/vuln/detail/CVE-2026-40175
- NVD — CVE-2026-39987 (Marimo RCE): https://nvd.nist.gov/vuln/detail/CVE-2026-39987
- HashiCorp Vault security advisories (CVE-2026-3605, CVE-2026-4525): https://www.hashicorp.com/security
- Fortinet PSIRT — CVE-2026-21643: https://www.fortiguard.com/psirt
- Adobe Security Bulletin APSB26-43 (CVE-2026-34621): verify at https://helpx.adobe.com/security/products/acrobat.html
- Cisco PSIRT — CVE-2026-20184/20147/20180/20186: https://tools.cisco.com/security/center/publicationListing.x
- wolfSSL GitHub releases (CVE-2026-5194): verify at https://github.com/wolfSSL/wolfssl/releases
Section 5 — Supply Chain & Developer Tool Threats
- CrowdStrike Axios advisory (see above)
- Snyk Axios advisory (see above)
- Aqua Security Trivy GHSA-69fq-xp46-6x23 (see above)
- OSV.dev GHSA-xq3m-2v4x-88gg (see above)
- CISA ICS Advisory ICSA-26-106-02 (Anviz): https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-02
Section 6 — Nation-State & APT Activity
- CISA Advisory AA26-097A (see above)
- CISA ICS Alerts: https://www.cisa.gov/ics-alerts
- Palo Alto Unit 42: https://unit42.paloaltonetworks.com/
- MITRE ATT&CK Group APT41: https://attack.mitre.org/groups/G0096/
- CERT-UA official advisory portal (retrieve directly — URL not pre-verified per session URL policy)
Section 7 — Phishing & Social Engineering
- Microsoft Threat Intelligence — Storm-1175/Medusa: https://www.microsoft.com/en-us/security/blog/
- GuidePoint Security Q1 2026 Ransomware Report (retrieve directly from GuidePoint Security — URL not pre-verified per session URL policy)
- BleepingComputer — W3LL PhaaS: verify at https://www.bleepingcomputer.com
Section 8 — IOCs
- CrowdStrike Axios/ZshBucket advisory: https://www.crowdstrike.com/en-us/blog/stardust-chollima-likely-compromises-axios-npm-package/
- Darktrace ZionSiphon advisory: https://www.darktrace.com/blog/inside-zionsiphon-darktraces-analysis-of-ot-malware-targeting-israeli-water-systems
- Malpedia — Lumma Stealer: https://malpedia.caad.fkie.fraunhofer.de/details/win.lumma
- abuse.ch Feodo Tracker (Mirai C2): https://feodotracker.abuse.ch/
- Spamhaus Botnet C2 List: https://www.spamhaus.org/bgpf/
- loldrivers.io (Vulnerable Driver Blocklist): verify at https://www.loldrivers.io
Sections 9–11 — Framework and Deadline References
- MITRE ATT&CK: https://attack.mitre.org
- MITRE ATT&CK for ICS: https://attack.mitre.org/matrices/ics/
- NIST 800-53 Rev 5: https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final
- CIS Controls v8: https://www.cisecurity.org/controls/v8
- NIST CSF 2.0: https://www.nist.gov/cyberframework
- NIST SP 800-82 (OT Security): https://csrc.nist.gov/publications/detail/sp/800-82/rev-3/final
- NIST SP 800-161r1 (Supply Chain Risk Management): https://csrc.nist.gov/publications/detail/sp/800-161/rev-1/final
- Microsoft Windows Server release health: https://learn.microsoft.com/en-us/windows/release-health/
- Rockwell Automation Security Advisories: https://www.rockwellautomation.com/en-us/trust-center/security-advisories.html (human validation recommended)
- CISA ICS Advisories: https://www.cisa.gov/ics-alerts
- WaterISAC: https://www.waterisac.org
- E-ISAC: https://www.eisac.com
- FS-ISAC: https://www.fsisac.com
- NCSC-UK: https://www.ncsc.gov.uk
- ACSC (Australia): https://www.cyber.gov.au