Weekly Cyber Threat Briefing: April 27 – Key Breaches, AI Exploits, and Critical Patches

Major Attacks and Data Breaches

This week's cybersecurity landscape saw a series of significant incidents affecting organizations across different sectors. From cloud platforms to national identity authorities, attackers leveraged compromised credentials, supply chain weaknesses, and insider threats. Below are the most notable events.

Source: research.checkpoint.com

Vercel Incident Linked to Context.ai Compromise

Vercel, a prominent frontend cloud platform, disclosed a security breach tied to a compromise at Context.ai. Attackers used stolen OAuth tokens from a connected application to gain unauthorized access. According to Vercel, the exposed data included employee information, internal logs, and a subset of environment variables. Crucially, the company emphasized that the most sensitive secrets remained protected. This incident underscores the risks of third-party integrations and the importance of robust token management.

France Titres Data Breach

France's identity document authority, France Titres, detected a breach on April 15. The compromised data may include names, birth dates, email addresses, login IDs, and some physical addresses and phone numbers. A hacker has already offered the purported agency data for sale on dark web marketplaces. Affected individuals should watch for phishing attempts and consider enabling identity monitoring services.

UK Biobank Breach: Health Data of 500,000 Volunteers Exposed

UK Biobank, a major research organization, confirmed a breach after de-identified health data of half a million volunteers appeared for sale on Chinese marketplaces. Officials stated that the listings were removed and believed to be unsold. In response, UK Biobank suspended access, shut down the research platform, and imposed download limits. While the data was anonymized, the incident raises concerns about the security of sensitive medical information.

Bitwarden Supply-Chain Attack via Malicious npm Package

Popular password manager Bitwarden suffered a supply-chain attack when a malware-tainted CLI release was published to npm on April 22. The compromised version (2026.4.0) was downloaded by 334 developers during a short window. Bitwarden stated that the attack exploited a hijacked GitHub account, potentially exposing developers' system credentials. However, the company assured users that vault data remained unaffected. This incident highlights the growing threat of software supply chain compromises targeting development tools.
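A quick way to tell whether a project pinned the affected release is to search its npm lockfile. The following is an added example, not code from Bitwarden or from the original briefing. It assumes the CLI's npm package name is `@bitwarden/cli` (the briefing gives only the version), and the sample lockfiles are constructed.

```javascript
// Added example, not Bitwarden's tooling: find a pinned package version in an npm lockfile.
// ASSUMPTION: "@bitwarden/cli" is the CLI's npm package name; the briefing gives only the version.
const SUSPECT = { name: "@bitwarden/cli", version: "2026.4.0" };

// Return every install path in the parsed lockfile where name@version is pinned.
function findSuspect(lock, suspect = SUSPECT) {
  const hits = [];
  // lockfileVersion 2 and 3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    // An entry may carry an explicit "name" (root project, alias); otherwise use the path tail.
    const name = meta.name || path.split("node_modules/").pop();
    if (name === suspect.name && meta.version === suspect.version) hits.push(path);
  }
  // lockfileVersion 1 (and the compatibility copy in v2): nested "dependencies" tree.
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      const match = name === suspect.name && meta.version === suspect.version;
      if (match && !hits.includes(path)) hits.push(path);
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, "");
  return hits;
}

// Constructed sample lockfiles: "demo-app", "build-tool" and every version
// other than 2026.4.0 are made up for illustration.
const v3Lock = { lockfileVersion: 3, packages: {
  "": { name: "demo-app", version: "1.0.0" },
  "node_modules/@bitwarden/cli": { version: "2026.3.1" },
  "node_modules/build-tool": { version: "3.2.0" },
  "node_modules/build-tool/node_modules/@bitwarden/cli": { version: "2026.4.0" },
}};
const v1Lock = { lockfileVersion: 1, dependencies: {
  "build-tool": { version: "3.2.0", dependencies: {
    "@bitwarden/cli": { version: "2026.4.0" },
  }},
}};

// Real use: findSuspect(JSON.parse(fs.readFileSync("package-lock.json", "utf8")))
for (const [label, lock] of [["v3", v3Lock], ["v1", v1Lock]]) {
  console.log(label, findSuspect(lock));
}
```

A clean lockfile does not rule out exposure: CLI tools are often installed globally, which no project lockfile records, so also check the output of `npm ls -g --depth=0` on developer machines and build agents.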

Emerging AI Cyber Threats

Cybercriminals and researchers alike are exploring new ways to exploit artificial intelligence systems. This week brought reports of unauthorized access to unreleased AI models, AI-assisted exploitation platforms, and prompt injection vulnerabilities.

Unauthorized Access to Anthropic’s Claude Mythos Preview

Researchers flagged unauthorized access to Anthropic’s Claude Mythos Preview, an unreleased AI cybersecurity model. A small Discord group reportedly used shared contractor accounts, API keys, and predictable URLs to reach the system via a third-party vendor environment. Anthropic said it is investigating and has not seen any impact to core systems. This incident illustrates the risks of granting excessive access to external partners and the ease with which shared credentials can be abused.

Bissa Scanner: AI-Powered Exploitation Platform

Security researchers observed Bissa Scanner, an AI-assisted exploitation platform that leverages Claude Code and OpenClaw to automate mass scanning, exploitation, and credential harvesting. The platform focused on the React2Shell vulnerability (CVE-2025-55182), scanning millions of targets, confirming over 900 compromises, and collecting tens of thousands of exposed environment files. This marks a worrying trend where threat actors use AI to scale up attacks efficiently.

Google Antigravity IDE Prompt Injection Flaw

A prompt-injection exploit chain was discovered in Google’s Antigravity agentic IDE, enabling sandbox escape and remote code execution. The flaw abused a file search tool that executed before security checks, allowing attackers to convert a benign prompt into system compromise—even when Secure Mode was active. Google has patched the vulnerability. This case highlights how AI-driven development environments can introduce new attack surfaces.

Critical Vulnerabilities and Patches

Both Microsoft and Apple released out-of-band fixes this week to address severe vulnerabilities. Organizations should prioritize these patches to prevent potential exploitation.

Microsoft Out-of-Band Fix for ASP.NET Core Privilege Escalation (CVE-2026-40372)

Microsoft issued an emergency fix for CVE-2026-40372, a critical ASP.NET Core privilege escalation flaw rated 9.1 (CVSS). The bug affects Data Protection versions 10.0.0 through 10.0.6. An attacker could forge cookies and antiforgery tokens, impersonate users, and gain SYSTEM-level access on Linux or macOS deployments. Administrators running affected versions should apply the patch immediately.

Apple iOS/iPadOS Notification Services Bug (CVE-2026-28950)

Apple released iOS and iPadOS updates for CVE-2026-28950, a vulnerability in Notification Services that could allow an attacker to bypass privacy protections or execute remote code. Specific details remain limited, but given Apple’s rapid out-of-band release, the vulnerability is likely being actively exploited or has high impact. Users are urged to install the latest OS updates.

For a full list of indicators of compromise and technical details, download our Threat Intelligence Bulletin.
