Summary
Between April 20–27, 2026, there were 10 vulnerability advisories and 21 cybersecurity incidents impacting nearly 1 million individuals, with the largest being the UK Biobank breach exposing 500,000 records. Key threats included ransomware attacks, extortion campaigns (ADT, Udemy, Canada Life), critical vulnerabilities across Oracle, Microsoft ASP.NET Core, and Atlassian, plus actively exploited flaws in Cisco, Zimbra, and D-Link products.
Take Action:
If you use the Bitwarden CLI (@bitwarden/cli) version 2026.4.0, treat it as fully compromised - uninstall it immediately, downgrade to 2026.3.0, and rotate every credential on that machine (GitHub/npm tokens, AWS/GCP/Azure keys, SSH keys, .env secrets). Block audit.checkmarx.cx at your network egress and audit your GitHub account for unauthorized repos or workflow changes.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)